Configure Active Directory Replication
AD DS uses a data store called ntds.dit for identity and management of AD objects. This database file contains directory partitions, which are also called naming contexts. Each naming context contains objects of a particular scope and purpose. The major naming contexts are:
- Domain: This naming context contains all the objects stored in the domain including users, groups, computers and group policy containers.
- Configuration: This naming context contains objects that represent the logical structures or the physical topology of the forest, including domains, sites, subnets, and services.
- Schema: This naming context defines the object classes and other attributes of the entire directory or the database.
Traditionally, the replicas on domain controllers were complete replicas, but nowadays, when replication occurs between domain controllers, the entire directory is not copied; rather, some of the naming contexts are copied to other domain controllers. For example, the domain naming context is replicated to all the domain controllers within the domain but not to the domain controllers outside the domain. The configuration and schema naming contexts are replicated to all the domain controllers in a forest.
Active Directory also supports application directory partitions, which store only the objects required by an application or a service. Such a partition is only a portion of the data store. The advantage of application partitions is that they can be replicated to specific domain controllers, because they are not replicated to all the domain controllers by default.
AD replication ensures that each domain controller in a domain holds the same, consistent information. Although the information may not be exactly the same at any one moment in time because changes are constantly being made, replication ensures that all the changes to a partition are transferred to all the replicas of the partition.
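To see the partitions described above on a live domain controller, together with the state of inbound replication for each one, the following added example (not part of the original page) reads the naming contexts from the RootDSE and queries replication partner metadata per partition. It assumes the ActiveDirectory PowerShell module; the function name and the `Type` labels are illustrative.

```powershell
# Added example; needs the ActiveDirectory module (RSAT) and a reachable DC.
Import-Module ActiveDirectory

function Get-NamingContextReplicationState {
    [CmdletBinding()]
    param(
        # DC to inspect; when omitted, the DC that answers the RootDSE query is used.
        [string] $Server
    )
    $root   = if ($Server) { Get-ADRootDSE -Server $Server } else { Get-ADRootDSE }
    $target = [string]$root.dnsHostName

    # Map the three major naming contexts to the names used in the text.
    $kind = @{}
    $kind[[string]$root.defaultNamingContext]       = 'Domain'
    $kind[[string]$root.configurationNamingContext] = 'Configuration'
    $kind[[string]$root.schemaNamingContext]        = 'Schema'

    foreach ($nc in $root.namingContexts) {
        # Assumption: any other partition held by this DC is reported as
        # 'Application or other' (for example the DNS zone partitions).
        $type = if ($kind.ContainsKey([string]$nc)) { $kind[[string]$nc] } else { 'Application or other' }

        $partners = @(Get-ADReplicationPartnerMetadata -Target $target -Partition $nc `
                          -PartnerType Inbound -ErrorAction SilentlyContinue)

        if ($partners.Count -eq 0) {
            # A single-DC domain, or a partition with no inbound partner on this DC.
            [pscustomobject]@{ Partition = $nc; Type = $type; Partner = $null
                               LastSuccess = $null; LastResult = $null; Failures = $null }
            continue
        }
        foreach ($p in $partners) {
            [pscustomobject]@{
                Partition   = $nc
                Type        = $type
                Partner     = $p.Partner
                LastSuccess = $p.LastReplicationSuccess
                LastResult  = $p.LastReplicationResult          # 0 means success
                Failures    = $p.ConsecutiveReplicationFailures
            }
        }
    }
}

Get-NamingContextReplicationState | Format-Table -AutoSize
```

A non-zero `LastResult` or a growing `Failures` count on any partition means that replica is falling behind its partners.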
The replication topology need not be created manually. It is automatically generated and optimized among the domain controllers in the same domain by an AD component called the Knowledge Consistency Checker (KCC). The KCC creates connection objects that connect two domain controllers of different sites that participate in replication. The connection objects can also be created manually to force replication.
The replication can be of two types:
- Intrasite replication: Refers to the replication that occurs between the domain controllers on the same site. It is faster than intersite replication because it is done on the objects on the same site. You need to configure site links to configure intrasite replication.
- Intersite replication: Refers to the replication that occurs between different sites.
Configure Site Links
The site link is a logical and transitive connection between two or more sites that allows replication between the sites. The KCC uses site links to determine the replication path between the two sites.
To configure site links, you need to:
- Open the Active Directory Sites and Services snap-in by clicking Start -> Administrative Tools -> Active Directory Sites and Services.
- Expand the Inter-Site Transports folder and right-click either the IP or the SMTP folder, depending on the protocol that you want to use to create a site link.
- Select New Site Link from the menu that appears, as shown in Figure 3-20:
The New Object – Site Link dialog box appears, as shown in Figure 3-21.
- Provide the name of the site link.
- Select the sites that you want to connect from the Sites not in this site link list and click Add.
- The selected sites will be moved to the Sites in this site link list. If the sites already belong to the same link, they will automatically appear in the Sites in this site link list.
- Click OK.
The site link is created between the selected sites.
After configuring a site link, you can configure its various attributes such as: site link cost, site link replication frequency, site link replication availability, and site replication schedule.
To configure the site link attributes, you need to:
- Right-click the site link that you want to configure in the Active Directory Sites and Services snap-in and then select Properties from the menu that appears, as shown in Figure 3-22.
The properties window for the selected link appears, as shown in Figure 3-23.
You can configure the Cost and the Replicate every fields.
The cost refers to the cost of the connection with respect to the speed of the link. Lower costs are used for fast links. For example, suppose you have two connections, a T1 line and a dial-up connection. If you configure a lower cost for the T1 connection, the T1 connection will always be used until it is unavailable. The default cost is 100.
- Modify the Cost field as desired.
The Replicate every field allows you to configure the replication frequency for the site link. The minimum value for the field is 15 (minutes) and maximum value is 10080 (7 days).
- Modify the Replicate every field as desired.
You can also configure the replication availability schedule for the site link by clicking the Change Schedule button on the properties window for the selected link.
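The same site link steps can be scripted, which makes the settings repeatable and reviewable. The following is an added example, not part of the original page: it uses the ActiveDirectory module's site link cmdlets, enforces the 15 to 10080 minute range given above, and either creates the link or updates its cost and frequency. The function name, the site names `HQ` and `Branch`, and the link name `HQ-Branch` are hypothetical.

```powershell
# Added example; requires the ActiveDirectory module (RSAT) and rights to
# change objects in the Configuration naming context.
Import-Module ActiveDirectory

function Set-SiteLinkConfig {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string]   $Name,
        [Parameter(Mandatory)] [string[]] $Sites,
        [ValidateSet('IP', 'SMTP')] [string] $Transport = 'IP',
        [int] $Cost = 100,                                  # default cost per the text
        [Parameter(Mandatory)] [ValidateRange(15, 10080)]   # minutes, limits per the text
        [int] $FrequencyMinutes
    )

    if ($Sites.Count -lt 2) { throw 'A site link must connect at least two sites.' }

    # Fail early if a named site does not exist.
    foreach ($site in $Sites) {
        Get-ADReplicationSite -Identity $site -ErrorAction Stop | Out-Null
    }

    $link = Get-ADReplicationSiteLink -Filter "Name -eq '$Name'"
    if (-not $link) {
        # Equivalent of New Site Link under the IP or SMTP folder.
        New-ADReplicationSiteLink -Name $Name -SitesIncluded $Sites `
            -InterSiteTransportProtocol $Transport `
            -Cost $Cost -ReplicationFrequencyInMinutes $FrequencyMinutes
    } else {
        # Equivalent of the Cost and Replicate every fields on the Properties
        # window; site membership of an existing link is left unchanged.
        Set-ADReplicationSiteLink -Identity $Name -Cost $Cost `
            -ReplicationFrequencyInMinutes $FrequencyMinutes
    }

    # Read the result back so the change can be confirmed or logged.
    Get-ADReplicationSiteLink -Filter "Name -eq '$Name'" |
        Select-Object Name, Cost, ReplicationFrequencyInMinutes, SitesIncluded
}

# Hypothetical names; -WhatIf previews the change without writing to the directory.
Set-SiteLinkConfig -Name 'HQ-Branch' -Sites 'HQ', 'Branch' -Cost 50 -FrequencyMinutes 30 -WhatIf
```

Remove `-WhatIf` to apply the change; a frequency outside 15 to 10080 is rejected by parameter validation before any directory call is made.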