Lesson 3
Skills Matrix
Technology Skill | Objective Domain | Objective #
Introducing Active Directory Sites | Configure sites | 2.3
Configuring Active Directory Replication | Configure Active Directory replication | 2.4
Multiple sites are joined together by site links. Intersite replication takes place along the site links that you define within Active Directory Sites and Services.
Sites
When clients log on to Active Directory, they use DNS to query the Active Directory site topology to locate the closest available domain controller and other network resources. Domain controllers use the site topology to establish replication partners that provide efficiency and keep the Active Directory database consistent.
Default-First-Site-Name
When you install the forest root domain controller in an Active Directory forest, the Active Directory Installation Wizard creates a single site called Default-First-Site-Name. The forest root domain controller server object is placed within the Servers folder of this site. The site can be renamed to more accurately reflect a physical location.
Active Directory sites are the means by which administrators can control replication traffic.
Domain controllers located in different sites participate in intersite replication, which occurs on a scheduled basis (every 15 minutes by default). Intersite replication traffic is also compressed by default to decrease the use of network bandwidth. Remember, the goal is to minimize bandwidth usage.
Replication Scope
Across domain: Domain NC
Across forest: Schema NC, Configuration NC
Intersite (compressed)
Understanding the Replication Process
Replication within Active Directory will occur when one of the following conditions is met:
An object is added or removed from Active Directory.
The value of an attribute has changed.
The name of an object has changed.
Viewing Active Directory Connection Objects
Open the Active Directory Sites and Services MMC snap-in.
Click the Sites folder, select the desired site, and then click the Servers folder.
Expand the server name for which you wish to view connection objects and right-click NTDS Settings.
Click Properties.
Creating a New Site
In Active Directory Sites and Services, right-click the Sites folder and select New Site.
In the New Object-Site dialog box, key the name for the site based on your plan.
Select DEFAULTIPSITELINK from the list of site names and click OK to complete the site creation.
Creating a New Subnet
In Active Directory Sites and Services, right-click the Subnets folder.
Select New Subnet from the menu.
In the New Object-Subnet dialog box, enter the IP address and subnet mask that correspond to the segment in your design.
Select the site you wish to associate with this subnet and click OK.
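The subnet-to-site association created above is what decides which site a client lands in. The following added example (not part of the original lesson) resolves client addresses against a constructed subnet table, with the most specific subnet winning, and flags addresses that no subnet covers. The subnet table, site names, client addresses and function names are all assumptions for illustration; it handles IPv4 only.

```powershell
# Constructed subnet table (Name in prefix notation, Site as a plain site name).
$subnets = @(
    [pscustomobject]@{ Name = '10.0.0.0/8';      Site = 'HQ' }
    [pscustomobject]@{ Name = '10.20.30.0/24';   Site = 'Branch-Office' }
    [pscustomobject]@{ Name = '192.168.50.0/24'; Site = 'Lab' }
)

function ConvertTo-AddressNumber ([string]$Ip) {
    # IPv4 dotted quad -> number (a double holds 32-bit values exactly).
    $b = [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()
    [double]$b[0] * 16777216 + [double]$b[1] * 65536 + [double]$b[2] * 256 + [double]$b[3]
}

function Resolve-ClientSite {
    param([string]$Address, [object[]]$Subnets)
    $addr = ConvertTo-AddressNumber $Address
    $best = $null
    $bestLen = -1
    foreach ($s in $Subnets) {
        $network, $prefix = $s.Name -split '/'
        $prefixLen = [int]$prefix
        # Two addresses share a subnet when they fall in the same block of 2^(32 - prefix).
        $block = [math]::Pow(2, 32 - $prefixLen)
        $netNumber = ConvertTo-AddressNumber $network
        $sameBlock = [math]::Floor($addr / $block) -eq [math]::Floor($netNumber / $block)
        # Keep the longest matching prefix: the most specific subnet wins.
        if ($sameBlock -and $prefixLen -gt $bestLen) {
            $best = $s
            $bestLen = $prefixLen
        }
    }
    if ($best) { $best.Site } else { $null }
}

# Constructed client addresses: one in the /24, one only in the /8, one unmapped.
foreach ($client in '10.20.30.7', '10.9.9.9', '172.16.4.4') {
    $site = Resolve-ClientSite -Address $client -Subnets $subnets
    [pscustomobject]@{
        Client = $client
        Site   = if ($site) { $site } else { 'UNMAPPED (no subnet object covers this address)' }
    }
}
```

Addresses reported as unmapped point to a segment that still needs a subnet object associated with a site.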
Replication Protocol
For both intrasite and intersite replication, Active Directory uses Remote Procedure Calls over Internet Protocol (RPC over IP) by default for all replication traffic.
RPC is commonly used to communicate with network services on various computers, whereas IP is responsible for the addressing and routing of the data. RPC over IP replication keeps data secure while in transit by using both authentication and encryption.
Simple Mail Transport Protocol (SMTP) is an alternative solution for intersite replication when a direct or reliable IP connection is not available.
SMTP uses asynchronous replication, meaning that each replication transaction does not need to complete before another can start, because the transaction can be stored until the destination server is available.
SMTP cannot replicate domain directory partitions.
SMTP replication requires an enterprise certification authority (CA) that is fully integrated with Active Directory.
Unlike RPC over IP, SMTP does not adhere to schedules and should be used only when replicating between different domains over an extremely slow or unreliable WAN link.
Creating a New Site Link Object
In Active Directory Sites and Services, expand the Inter-Site Transports folder.
Refreshing the Intrasite Replication Topology
In Active Directory Sites and Services, expand Sites, followed by the site where you wish to run the KCC.
Expand Servers and double-click one of the domain controllers.
In the details pane, right-click NTDS Settings, click All Tasks and select Check Replication Topology.
Determining Which Server Holds the ISTG Role
In Active Directory Sites and Services, expand the Sites folder and then expand the appropriate site.
In the details pane, right-click NTDS Site Settings and then select Properties.
The Properties page displays the server holding the ISTG role.
To force the KCC to regenerate the intersite topology, right-click NTDS Settings. Click All Tasks and then select Check Replication Topology.
Forcing Manual Replication
In Active Directory Sites and Services, expand Sites, followed by the site that contains the connection for which you wish to force replication.
Locate the server in the Servers container that provides the connection object.
Click NTDS Settings in the console tree.
In the details pane, right-click the connection for which you want replication to occur and select Replicate Now.
Repadmin
A command-line tool used for the following:
To view the replication topology from the perspective of each domain controller.
To manually create a replication topology if site link bridging is disabled because the network is not fully routed.
To force replication between domain controllers when you need updates to occur immediately without waiting for the next replication cycle.
To view the replication metadata, which is the combination of the actual data and the up-to-dateness vector or USN information. This is helpful in determining the most up-to-date information prior to seizing an operations master role.
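For monitoring, repadmin can emit its per-partner replication status as CSV (repadmin /showrepl * /csv), which PowerShell can filter for failing or stale links. The following is an added example, not part of the original lesson: the CSV rows, server and site names, the function name Get-ReplicationProblem and the 60-minute threshold are constructed assumptions.

```powershell
# Constructed sample shaped like `repadmin /showrepl * /csv` output.
# On a live domain controller, use instead:  $csv = repadmin /showrepl * /csv
$csv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,HQ,DC01,"DC=example,DC=test",Branch-Office,DC03,RPC,0,0,2024-05-01 10:15:02,0
showrepl_INFO,Branch-Office,DC03,"DC=example,DC=test",HQ,DC01,RPC,4,2024-05-01 10:00:41,2024-04-30 22:00:12,1722
showrepl_INFO,HQ,DC02,"CN=Configuration,DC=example,DC=test",HQ,DC01,RPC,0,0,2024-05-01 10:14:55,0
'@ -split "`r?`n"

function Get-ReplicationProblem {
    param(
        [string[]]$CsvLines,
        [datetime]$Now = (Get-Date),
        [int]$MaxAgeMinutes = 60      # assumed threshold; align it with your site link schedule
    )
    $CsvLines | ConvertFrom-Csv | ForEach-Object {
        $failures = [int]$_.'Number of Failures'
        $lastOk   = [datetime]::MinValue
        $parsed   = [datetime]::TryParse($_.'Last Success Time', [ref]$lastOk)
        $ageMin   = if ($parsed) { [int](($Now - $lastOk).TotalMinutes) } else { $null }

        # Report a link that is failing, has never succeeded, or has not succeeded recently.
        if ($failures -gt 0 -or -not $parsed -or $ageMin -gt $MaxAgeMinutes) {
            [pscustomobject]@{
                Destination      = $_.'Destination DSA'
                Source           = $_.'Source DSA'
                NamingContext    = $_.'Naming Context'
                Failures         = $failures
                LastFailureCode  = $_.'Last Failure Status'
                MinutesSinceSync = $ageMin
            }
        }
    }
}

# Fixed "now" so the constructed sample gives the same result on every run.
Get-ReplicationProblem -CsvLines $csv -Now ([datetime]'2024-05-01 10:20:00') |
    Format-Table -AutoSize
```

Against the sample rows, only the DC01 to DC03 link for the domain partition is reported, since it is the only row with a non-zero failure count and a stale last success time.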
Summary
You learned how to define and manage sites and site links.
You learned how to determine a site strategy based on the physical network infrastructure.
You learned how to use Active Directory Sites and Services to configure replication.
You learned how to understand the differences between intrasite and intersite replication.
You learned how to describe the role of the Intersite Topology Generator (ISTG) and Knowledge Consistency Checker (KCC) in site replication.
You learned how to optimize replication by configuring bridgehead servers and site link bridging.
You learned how to monitor replication using dcdiag and repadmin.