Archive for August 28, 2012

Introduction

In order for two sites to exchange replication data, they must be connected by a site link. A site link is a connection that enables replication traffic to travel between sites. Site links represent the physical connections available between sites.

 

Why create a site link?

When you create additional sites, every site must belong to at least one site link. A site with no site link is unreachable: domain controllers in other sites cannot form replication connections to it, so replication between sites never takes place. Only the default link is created for you; additional site links must be created by an administrator in Active Directory Sites and Services (or with the ActiveDirectory PowerShell module).

Default Site Link

When you create the first domain in a forest, a default site link named DEFAULTIPSITELINK is created as well. It contains the first site and lives in the IP transport container, CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,<forest root DN>. The link can be renamed.

Site link attributes

When you create a site link, you choose its transport protocol, give it a name, and add two or more sites to it; those sites are then considered connected. The connection's characteristics are configured on the link itself, so every site in a single site link shares the same cost, schedule, replication interval and transport. Configuring these attributes is one part of configuring replication between sites: together they determine how the inter-site topology generator (ISTG) weighs the link when it builds the replication topology, how often and when replication traffic crosses it, and which protocol carries it.

Site link cost

Site link cost is a dimensionless number that represents the relative speed, reliability and preference of the underlying network. The lower the cost, the more preferred the link. For example, your organization has a site in Denver and a site in Paris with two connections between them: a high-speed line and a dial-up line for use when the high-speed line fails. You would configure two site links, one per connection, and give the high-speed link a lower cost than the dial-up link. Because the high-speed link has the lower cost it has the higher priority, and the KCC uses it whenever it is available, falling back to the dial-up link only when the high-speed link is down. When site links are bridged (site link transitivity, which is on by default), the cost of a route through several links is the sum of their costs, so costs should be chosen on one consistent scale across the forest rather than per link in isolation. The default cost is 100; valid values are 1 to 99999.

Site link replication Schedule

The replication schedule is another configurable site link attribute. It specifies the times at which the link is available for replication, in 15-minute slots across a seven-day week. Availability is often restricted to hours with little other traffic, for example 1:00 A.M. to 4:00 A.M. The fewer hours a link is open, the greater the replication latency between the sites it connects, and that latency applies to security-relevant changes too: an account disable or a group membership change made in one site is not seen in the other until the next open window. Password changes are the exception, because a domain controller forwards them to the PDC emulator immediately regardless of the schedule. The benefit of replicating at off-peak hours therefore has to be balanced against the need for up-to-date information at every site the link connects.

Site link replication frequency

The replication frequency specifies, in minutes, how long Active Directory waits before using the link to check for updates again. The default is 180 minutes, and the value must fall between 15 minutes and 10,080 minutes (one week). The frequency only applies during the hours the link's schedule makes it available. Longer intervals reduce network traffic and increase latency between sites; shorter intervals do the reverse. As with the schedule, the wish to reduce traffic has to be balanced against the need for current information at each site the link connects.
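The cost, schedule and frequency settings described in the last three sections translate directly into PowerShell. What follows is an added example written for this page, not code from the original post. It assumes the ActiveDirectory module (RSAT on Windows Server 2012 or later), that sites named Denver and Paris already exist, and that the link name and the audit thresholds are hypothetical choices made for the example. The first two parts create and schedule the preferred Denver-Paris link; the third walks every site link in the forest and flags the ones whose cost, interval or schedule would stretch replication latency, which is the check to run before assuming that a disabled account or a removed group membership has reached a remote site.

```powershell
# Added example, not from the original post. Assumes the ActiveDirectory module and
# existing sites 'Denver' and 'Paris'; the link name and thresholds are hypothetical.
Import-Module ActiveDirectory

# --- 1. Create the preferred Denver-Paris link ----------------------------------
# Cost 10 makes this the preferred path; a backup link (the dial-up line in the text)
# would get a higher cost such as 200 so the KCC uses it only when this one is down.
New-ADReplicationSiteLink -Name 'Denver-Paris-Primary' `
    -SitesIncluded 'Denver', 'Paris' `
    -InterSiteTransportProtocol IP `
    -Cost 10 `
    -ReplicationFrequencyInMinutes 15

# --- 2. Restrict the link to 01:00-04:00 every day -------------------------------
# The schedule is a 7 x 24 x 4 grid of 15-minute slots; ResetSchedule() clears it.
$schedule = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule
$schedule.ResetSchedule()
$schedule.SetDailySchedule(
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::One,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero,
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::Four,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero)
Set-ADReplicationSiteLink -Identity 'Denver-Paris-Primary' -ReplicationSchedule $schedule

# --- 3. Audit every site link for latency-stretching settings --------------------
# Thresholds are example policy values for this script, not Microsoft defaults.
$maxCost = 500; $maxIntervalMin = 180; $minHoursPerDay = 8

function Get-ScheduleHoursPerDay {
    # Average hours per day the link is open; a $null schedule means always available.
    param($Schedule)
    if ($null -eq $Schedule) { return 24 }
    $open = 0
    foreach ($d in 0..6) { foreach ($h in 0..23) { foreach ($q in 0..3) {
        if ($Schedule.RawSchedule[$d, $h, $q]) { $open++ }
    } } }
    return $open / 4 / 7   # 4 slots per hour, 7 days
}

Get-ADReplicationSiteLink -Filter * -Properties Cost, ReplicationFrequencyInMinutes, ReplicationSchedule, SitesIncluded |
    ForEach-Object {
        $hours = Get-ScheduleHoursPerDay $_.ReplicationSchedule
        [pscustomobject]@{
            Link        = $_.Name
            Sites       = (@($_.SitesIncluded) | ForEach-Object { ($_ -split ',')[0] -replace '^CN=' }) -join ','
            Cost        = $_.Cost
            IntervalMin = $_.ReplicationFrequencyInMinutes
            HoursPerDay = [math]::Round($hours, 1)
            Review      = ($_.Cost -gt $maxCost) -or
                          ($_.ReplicationFrequencyInMinutes -gt $maxIntervalMin) -or
                          ($hours -lt $minHoursPerDay)
        }
    } | Sort-Object Review -Descending | Format-Table -AutoSize
```

The audit deliberately reads the raw schedule grid rather than trusting the link's description, because a link that looks "always on" in the console can still have a narrow window set by a previous administrator; any row with Review set to True is a link where a change made in one site may take hours to reach the other.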

 

Site link transport protocols

The transport protocol determines how replication traffic is carried between the sites in a link. Within a site, replication always uses RPC over IP; the choice only exists for site links, where it is one of the following:

1. Remote procedure call (RPC) over IP. RPC is an industry-standard protocol for client/server communication and provides reliable, high-speed connectivity within sites. Between sites, RPC over IP can replicate every Active Directory partition. It is the transport to use for replication between sites in practically every case.

2. Simple Mail Transfer Protocol (SMTP). SMTP supports inter-site replication of the schema partition, the configuration partition and the global catalog partial replicas only; it cannot replicate the domain partition. The reason is that some domain operations, for example Group Policy, depend on the File Replication Service (FRS), which does not support an asynchronous transport. If you use SMTP you must also install and configure an enterprise certification authority, because the SMTP messages are signed to guarantee the authenticity of directory updates. SMTP also does not compress replication data as well as RPC over IP does. In practice an SMTP link only makes sense between sites whose domain controllers belong to different domains and that have no reliable IP connectivity.
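The two constraints stated above (every site needs a site link, and SMTP links cannot carry the domain partition) are easy to violate silently in a forest that has grown over years. The following is an added example written for this page, not code from the original post; it assumes only the ActiveDirectory module and reads the live topology, so it needs no hypothetical names. It reports sites that belong to no link, links that contain fewer than two sites, and links still on the SMTP transport.

```powershell
# Added example, not from the original post. Assumes the ActiveDirectory module.
Import-Module ActiveDirectory

function Test-SiteLinkTopology {
    $links = Get-ADReplicationSiteLink -Filter * -Properties SitesIncluded, InterSiteTransportProtocol
    $sites = Get-ADReplicationSite -Filter *
    $findings = @()

    # Sites in no link: their DCs cannot replicate with the rest of the forest.
    $linked = @($links | ForEach-Object { $_.SitesIncluded }) | Sort-Object -Unique
    foreach ($s in $sites) {
        if ($linked -notcontains $s.DistinguishedName) {
            $findings += "Site '$($s.Name)' is not a member of any site link"
        }
    }

    foreach ($l in $links) {
        # A link with fewer than two sites connects nothing.
        if (@($l.SitesIncluded).Count -lt 2) {
            $findings += "Site link '$($l.Name)' contains fewer than two sites"
        }
        # SMTP carries schema, configuration and GC partial replicas only, never the
        # domain partition, so DCs of one domain on opposite ends of it will not converge.
        if ($l.InterSiteTransportProtocol -eq 'SMTP') {
            $findings += "Site link '$($l.Name)' uses SMTP; the domain partition cannot replicate across it"
        }
    }
    return $findings
}

Test-SiteLinkTopology | ForEach-Object { Write-Warning $_ }
```

Get-ADReplicationSiteLink returns links from both the IP and the SMTP transport containers, which is why the transport check can be done in the same pass as the membership check.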

 

Introduction

Replication keeps the information in Active Directory consistent across all of the domain controllers in the forest. Many networks are made up of smaller networks, and the links between them run at different speeds. Sites in Active Directory let you control replication traffic, and other Active Directory traffic such as domain controller location, across those links. You use subnet objects, site links and site link bridges to shape the replication topology between sites; an efficient, reliable topology depends on how the site links and site link bridges are configured.

What Are Sites and Subnet Objects?

 

Introduction

You use sites to control replication traffic, domain controller location for logon traffic, and queries to global catalog servers.

Sites

In Active Directory, sites describe the physical structure of a network. A site is defined by a set of Transmission Control Protocol/Internet Protocol (TCP/IP) subnet address ranges and groups domain controllers that are well connected in terms of bandwidth and cost. A site contains one server object per domain controller; each server object holds an NTDS Settings object, and the connection objects under it define the inbound replication partners that make replication possible.

Subnet Objects

The TCP/IP subnet address ranges are represented by subnet objects that group computers. For example, a subnet object might represent all the computers on a floor in a building, or on a campus. Subnet objects are associated with sites and, because the subnet objects map to the physical network, so do the sites. For example, if you have three subnets that represent three campuses in a city, and these campuses are connected by high-speed, highly available connections, you could associate each of those subnets with the same site. A site can consist of one or more subnets. For example, on a network with three subnets in London and two in Boston, the administrator can create a site in London, a site in Boston, and then add the subnets to the respective sites.

 

Default Site

A default site named Default-First-Site-Name is created automatically when the first domain controller in a forest is promoted. The site can be renamed. The first domain controller of the forest is placed in this site, and until subnet objects exist there is nothing to place any later domain controller anywhere else.
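The London/Boston layout and the default site described above can be built in a few PowerShell calls, and the same module lets you find the two failure modes that matter in practice: subnet objects attached to no site, and clients whose addresses match no subnet at all (such clients cannot find a nearby domain controller and authenticate against whichever one they happen to pick). This is an added example written for this page, not code from the original post; it assumes the ActiveDirectory module, and all site names, subnets, host names and the netlogon.log sample lines are constructed for the example.

```powershell
# Added example, not from the original post. Assumes the ActiveDirectory module; every
# site, subnet and host name below is hypothetical, and the log lines are constructed.
Import-Module ActiveDirectory

# --- 1. Rename the default site and build the London/Boston layout ----------------
Get-ADReplicationSite -Identity 'Default-First-Site-Name' | Rename-ADObject -NewName 'London'
New-ADReplicationSite -Name 'Boston'
$subnetToSite = @{
    '10.10.0.0/24' = 'London'; '10.10.1.0/24' = 'London'; '10.10.2.0/24' = 'London'
    '10.20.0.0/24' = 'Boston'; '10.20.1.0/24' = 'Boston'
}
foreach ($cidr in $subnetToSite.Keys) {
    New-ADReplicationSubnet -Name $cidr -Site $subnetToSite[$cidr]
}

# --- 2. Subnet objects attached to no site do nothing: flag them -------------------
Get-ADReplicationSubnet -Filter * | Where-Object { -not $_.Site } |
    ForEach-Object { Write-Warning "Subnet $($_.Name) is not associated with any site" }

# --- 3. Clients that match no subnet ------------------------------------------------
# A DC's Netlogon service records such clients as NO_CLIENT_SITE in
# %SystemRoot%\debug\netlogon.log. Group the offending addresses into candidate /24s
# so the missing subnet objects can be created. Sample lines are constructed input.
$netlogonSample = @(
    '08/28 09:12:33 NO_CLIENT_SITE: CLIENT01 10.30.5.17',
    '08/28 09:12:40 NO_CLIENT_SITE: CLIENT02 10.30.5.42',
    '08/28 09:13:02 NO_CLIENT_SITE: LAPTOP07 192.168.77.9',
    '08/28 09:13:09 NO_CLIENT_SITE: CLIENT09 10.30.5.88'
)

function Get-UnmappedClientSubnet {
    param([string[]]$Lines)
    $Lines | ForEach-Object {
        if ($_ -match 'NO_CLIENT_SITE:\s+\S+\s+(\d+\.\d+\.\d+)\.\d+') { "$($Matches[1]).0/24" }
    } | Group-Object | Sort-Object Count -Descending |
        Select-Object @{ n = 'CandidateSubnet'; e = { $_.Name } }, Count
}

Get-UnmappedClientSubnet -Lines $netlogonSample
# On a real DC: Get-UnmappedClientSubnet -Lines (Get-Content "$env:SystemRoot\debug\netlogon.log")
```

The /24 grouping is a starting point only; the real prefix to create is whatever the network team says the segment is, and it should be assigned to the site whose domain controllers are actually closest to those clients.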

Introduction

A global catalog server is a domain controller that stores the two forest-wide partitions, schema and configuration, a read/write copy of its own domain's partition, and a partial replica of every other domain partition in the forest. Each partial replica is read-only and contains every object of that domain but only the attributes in the partial attribute set, which is defined in the schema.

How does replication affect the global catalog server?

When a new domain is added to a forest, the information about the new domain is stored in the configuration partition, which is replicated to all domain controllers, including global catalog servers, through normal forest-wide replication. Then each global catalog server becomes a partial replica of the new domain by contacting a domain controller for that domain and obtaining the partial replica information. The configuration partition also contains a list of all global catalog servers in the forest and provides this information to the domain controllers. Global catalog servers register special DNS records in the DNS zone that correspond to the Forest Root domain. These records, which are registered only in the Forest Root DNS zone, help clients and servers locate global catalog servers throughout the forest.