Lesson 6: Configuring Active Directory Replication


Active Directory directory services automatically configure a default topology to enable replication within a domain. For a network that includes multiple locations, however, you must customize the replication topology to minimize the impact of replication traffic on the network.

To configure Active Directory replication, you need to map your physical network to Active Directory directory services by creating sites and site links. A site is a combination of one or more Internet Protocol (IP) subnets that are connected by a high-speed link. A site link is a connection between two or more sites.

When you create a site link, you specify values that reflect information about available connections, preferred connection times, and available bandwidth. Active Directory directory services use this information to determine the times and connections for replication that will afford the best performance for your network.

Understanding Replication Between Sites

In a Windows NT 4.0 network, replication is single master. All changes to a domain are made on the primary domain controller. The changes are then replicated directly to the backup domain controllers in the domain. In a Windows NT 4.0 network, the only way to control the flow of replication traffic is by creating multiple domains in different physical locations.

In Windows 2000, however, all domain controllers are peers, and replication is multimaster. As a result, you can make changes to a domain on any domain controller, and those changes replicate to every other domain controller in the domain. In a Windows 2000 network, you can control the flow of replication traffic by configuring sites and site links that map your network's physical structure to Active Directory directory services.

Within a site, Windows 2000 automatically configures replication, though you can modify the configuration to optimize replication. Between sites, however, you must configure replication manually.

When you install Active Directory directory services, the Active Directory Installation wizard creates a default topology that accommodates replication for a single location with high-speed connectivity. However, if your network includes multiple locations, Active Directory replication will not be optimized for your network structure.

Figure 4.12 demonstrates how the default replication topology requires a change on a domain controller in Atlanta to replicate across the slow wide area network (WAN) link four times to update every domain controller in the domain.

Figure 4.12 Default replication topology

To optimize replication traffic, you need to customize the default replication topology by mapping the physical structure of your network to Active Directory directory services.

Figure 4.13 demonstrates how the customized replication topology enables a change on a domain controller in Atlanta to replicate to all domain controllers in Atlanta and cross the slow WAN link only a single time before replicating to all domain controllers in Mexico City.

Figure 4.13 Customized replication topology

Examining Site Link Placement

In Windows 2000, you define a network model of sites and site links within Active Directory directory services to control the flow of replication traffic. Based on the model you define, Active Directory directory services create connections that enable replication. If any connection in the replication topology fails, Active Directory directory services modify the remaining connections to maintain replication within the network.

Figure 4.14 provides examples of site link placement in three basic network models.

Figure 4.14 Three basic network models

Sites Connected by Routers

In example 1 in Figure 4.14, routers connect multiple sites, and the cost of traffic among the sites in the example is not uniform. For example, the cost associated with sending traffic from A to B is not the same as the cost associated with sending traffic from A to C. As a result, you must create a site link to define each WAN connection. The relative cost of each connection depends on the speed of that connection.

For example, if site link AB models a network connection of 128 Kbps and site link BC models a network connection of 256 Kbps, the cost of site link AB will be twice as much as the cost of site link BC.

Sites Connected by Network Equipment at Uniform Speeds

In example 2 in Figure 4.14, a switch connects multiple sites. Because the cost of traffic flowing from one site to any other site in the example is the same, you can create a site link that defines the connection between all four sites. While you must assign a cost to the site link, the value you assign is arbitrary unless you intend to create another site link in the network.

Sites Connected by Network Equipment at Different Speeds

In example 3 in Figure 4.14, a switch connects multiple sites, including a remote site. The connection speed to the remote site is different from the connection speed to the other sites in the model, and therefore has a different cost.

Example 3 includes two site links:

  • One site link defines the connection between the sites that are using similar bandwidths.
  • One site link defines the connection between the switch area and the remote site. The cost of connecting to the remote site (D) is the same for each of the sites in the switch area, so any of the sites (A, B, or C) can be part of the site link.

Creating and Configuring a Site

After you assess a cost for each WAN connection, you map your physical network to Active Directory directory services by configuring sites and then configuring site links to define the connections between those sites.

Configuring a site involves creating a site and configuring a subnet in Active Directory directory services. Subnets define the IP address ranges that exist within a site. When you configure a subnet, you must associate it with a site.

IMPORTANT
To create sites and configure subnets in Active Directory directory services, you must log on as a member of the Enterprise Admins group. The Enterprise Admins group exists in the root domain of the forest.

When you create a site, you must associate it with a site link. Before you configure the site links that map the connectivity in your network, you must specify the default site link, DEFAULTIPSITELINK.

NOTE
The Active Directory Installation wizard creates the default site link during installation.

You create sites in Active Directory directory services to optimize replication traffic and to enable users to connect to a domain controller by using a reliable, high-speed connection. To create and configure a site, use the Active Directory Sites and Services snap-in. Right-click Sites, click New, and then click Site. You must provide a site name, and select a site link.

Configuring a Subnet in Active Directory Directory Services

A subnet in Active Directory directory services provides the link between IP addresses and sites. You can only associate a subnet with one site; however, you can associate a site with multiple subnets. When you configure a subnet in Active Directory directory services, you must specify the network/bit-masked identifier for the subnet. The network/bit-masked identifier includes the subnet ID for the subnet and the number of bits masked by the subnet mask.

For example, if your subnet ID is 10.14.208.0 and your subnet mask is 255.255.240.0, the network/bit-masked identifier is 10.14.208.0/20. The following steps show how to determine the number of bits masked.

Note that the subnet mask is represented by four decimal numbers separated by periods. Each number can be referred to as an octet, which means it can be represented by 8 binary digits (bits). To calculate the number of bits masked, you could do the following:

  1. Start Calculator, and on the View menu of Calculator, select Scientific.

     Scientific mode of Calculator allows you to convert decimal numbers to binary, which will allow you to calculate the number of bits.

  2. Make sure the Dec radio button is selected.

     This sets Calculator in decimal mode, which means any numbers entered will be understood as decimal.

  3. Enter the first octet of your subnet mask into Calculator.

     If your subnet mask was 255.255.248.0, the first octet is 255. The first octet is always on the left.

  4. Click the Bin radio button.

     The number you now see is the binary representation of the decimal number you entered first. Notice that there are eight 1 bits.

  5. Click the Dec radio button to change Calculator back to decimal mode.
  6. Continue entering the second, third, and fourth octet into Calculator and converting them to binary. Record the number of 1 bits in the table below. Add the numbers in the second column and record the total.

     Octet    Number of 1 bits
     1st      8
     2nd      8
     3rd      4
     4th      0
     Total    20

     The total is the number of bits masked by your subnet mask.

  7. Close Calculator.

To configure a subnet in Active Directory directory services, use Active Directory Sites and Services. Expand Sites to see Subnets. When you select New Subnet, you must provide the network/bit-masked identifier and a site with which to associate this subnet.
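
The Calculator procedure above, as an added Python example that is not part of the original lesson: it derives the network/bit-masked identifier, rejects a mask or subnet ID that cannot form a valid subnet, and audits a subnet-to-site table. The site names come from Figures 4.12 and 4.13; every subnet except 10.14.208.0/20 is constructed, and the most-specific-match lookup and the overlap audit are assumptions that go beyond what the lesson states.

```python
import ipaddress
from itertools import combinations

def bit_masked_identifier(subnet_id, subnet_mask):
    """Return the network/bit-masked identifier, e.g. '10.14.208.0/20'."""
    octets = [int(o) for o in subnet_mask.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal mask: {subnet_mask}")
    bits = "".join(f"{o:08b}" for o in octets)  # Calculator's Bin view, per octet
    if "01" in bits:  # a 1 bit after a 0 bit: not a usable subnet mask
        raise ValueError(f"mask is not contiguous: {subnet_mask}")
    masked = bits.count("1")  # the Total row of the lesson's table
    # strict=True rejects a subnet ID that has bits set outside the mask
    return str(ipaddress.ip_network(f"{subnet_id}/{masked}", strict=True))

def _parse(subnet_to_site):
    return {ipaddress.ip_network(s): site for s, site in subnet_to_site.items()}

def site_for_address(address, subnet_to_site):
    """Site of the most specific subnet containing address, or None if unmapped."""
    ip = ipaddress.ip_address(address)
    nets = _parse(subnet_to_site)
    hits = [n for n in nets if ip in n]
    return nets[max(hits, key=lambda n: n.prefixlen)] if hits else None

def cross_site_overlaps(subnet_to_site):
    """Pairs of overlapping subnets that are associated with different sites."""
    nets = _parse(subnet_to_site)
    return [(str(a), str(b)) for a, b in combinations(sorted(nets), 2)
            if a.overlaps(b) and nets[a] != nets[b]]

# Constructed sample table (assumption): only 10.14.208.0/20 is the lesson's
# own example; the other subnets are made up for illustration.
SUBNETS = {
    "10.14.208.0/20": "Atlanta",
    "10.14.224.0/20": "MexicoCity",
    "10.14.212.0/24": "MexicoCity",  # sits inside Atlanta's range
}

if __name__ == "__main__":
    print(bit_masked_identifier("10.14.208.0", "255.255.240.0"))
    for host in ("10.14.215.7", "10.14.212.30", "10.14.240.1"):
        print(host, "->", site_for_address(host, SUBNETS))
    print(cross_site_overlaps(SUBNETS))
```

An address that resolves to no site, or to a site other than the one its physical location suggests, is worth reviewing, because the subnet table is what ties a client's IP address to a site.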

Configuring a Site Link

After you configure the sites for your network, you create site links in Active Directory directory services to map the connections between the sites. For each site link, you need to specify the following properties to define the connections in your network:

  • Cost. By default, the cost of a site link is 100.
  • Replication interval. The replication interval defines the frequency of replication. By default, replication occurs every three hours.
  • Schedule. The schedule declares the time periods during which the link is available. For instance, you might make a site link representing a dial-up line unavailable during business hours when phone rates are high. By default, replication can occur at all times.

NOTE
You specify site link properties on the General tab of the Properties dialog box for a site link.

To create a site link, open Active Directory Sites and Services, expand Sites, and then expand Inter-Site Transports. Right-click IP or SMTP, depending on which transport protocol you want the site link to use, and click New Site Link. In the Name box, type the name for the site link. Click two or more sites to include in this site link, and then click Add.

NOTE
You must specify either Internet Protocol (IP) or Simple Mail Transfer Protocol (SMTP) as the transport protocol for communication between sites. The preferred protocol is IP because SMTP has limited replication capabilities.

After you configure the sites and site links for your network, Active Directory directory services direct the flow of replication traffic accordingly.

Configuring a Global Catalog Server

After you configure Active Directory replication for your network, you configure a global catalog server for each site in your network to accomplish the following goals:

  • Improving the performance of forestwide queries, by providing a partial list of attributes for every object in Active Directory directory services
  • Reducing the time required for user logon, by ensuring that logon traffic remains within that site
  • Enhancing the reliability of user logon, by ensuring that there are multiple global catalog servers to complete user logon

To configure a domain controller as a global catalog server, use Active Directory Sites and Services. In the console tree, right-click NTDS Settings, click Properties, and on the General tab, select the Global Catalog Server check box.

NOTE
Active Directory directory services automatically configure the first domain controller in a forest as a global catalog server.