Introduction

Replication ensures that all information in Active Directory is current on all domain controllers and client computers across your entire network. Many networks consist of a number of smaller networks, and the links between these networks may operate at varying speeds. Sites in Active Directory enable you to control replication traffic and other Active Directory-related traffic across these network links. You can use subnet objects, site links, and site link bridges to control the replication topology when configuring replication between sites. An efficient, reliable replication topology depends on the configuration of site links and site link bridges.

What Are Sites and Subnet Objects?

Introduction

You use sites to control replication traffic, logon traffic, and requests to the Global Catalog server.

Sites

In Active Directory, sites help define the physical structure of a network. A site is defined by a set of Transmission Control Protocol/Internet Protocol (TCP/IP) subnet address ranges. Sites group domain controllers that are well connected in terms of speed and cost. Sites contain server objects, which in turn contain the connection objects that enable replication.

Subnet Objects

The TCP/IP subnet address ranges are represented by subnet objects, which group computers. For example, a subnet object might represent all the computers on one floor of a building, or on a campus. Subnet objects are associated with sites and, because the subnet objects map to the physical network, so do the sites. For example, if you have three subnets that represent three campuses in a city, and these campuses are connected by high-speed, highly available links, you could associate all three subnets with the same site. A site can consist of one or more subnets. For example, on a network with three subnets in London and two in Boston, the administrator can create a site in London, a site in Boston, and then add the subnets to the respective sites.

Default Site

A default site is set up automatically when you install Windows Server on the first domain controller in a forest. This site is called Default-First-Site-Name and can be renamed. When you create your first domain in a forest, it is automatically placed in the default site.

Introduction

A global catalog server is a domain controller that stores the two forest-wide partitions (schema and configuration), a read/write copy of the partition for its own domain, and a partial replica of every other domain partition in the forest. These partial replicas contain a read-only subset of the information in each domain partition.

How does replication affect the global catalog server?

When a new domain is added to a forest, the information about the new domain is stored in the configuration partition, which is replicated to all domain controllers, including global catalog servers, through normal forest-wide replication. Each global catalog server then obtains a partial replica of the new domain by contacting a domain controller for that domain and retrieving the partial replica information. The configuration partition also contains a list of all global catalog servers in the forest and provides this information to the domain controllers. Global catalog servers register special DNS records in the DNS zone that corresponds to the forest root domain. These records, which are registered only in the forest root DNS zone, help clients and servers locate global catalog servers throughout the forest.

Introduction

When you add domain controllers to a site, Active Directory uses the Knowledge Consistency Checker (KCC) to establish a replication path between domain controllers.

What Is the Knowledge Consistency Checker?

The KCC is a built-in process that runs on each domain controller and generates the replication topology for all directory partitions contained on that domain controller. The KCC runs at specified intervals (every 15 minutes by default) and designates replication routes between domain controllers that are the most favorable connections available at the time.

How the KCC Works

To automatically generate a replication topology, the KCC evaluates information in the configuration partition on sites, the cost of sending data between these sites, any existing connection objects, and the replication protocols that can be used between the sites. Next, the KCC calculates the best connections for a domain controller’s directory partitions to other domain controllers. Additionally, if replication within a site becomes impossible or has a single point of failure, the KCC automatically establishes new connection objects between domain controllers to maintain Active Directory replication.

Partitions

Introduction

The Active Directory database is logically separated into directory partitions: a schema partition, a configuration partition, domain partitions, and application partitions. Each partition is a unit of replication, and each partition has its own replication topology. Replication is performed between replicas of the same directory partition. All domain controllers in the same forest have at least two directory partitions in common: the schema and configuration partitions. All domain controllers in the same domain additionally share a common domain partition.

Schema Partition:

There is only one schema partition per forest. The schema partition is stored on all domain controllers in a forest. The schema partition contains definitions of all objects and attributes that can be created in the directory, and the rules for creating and manipulating them. Schema information is replicated to all domain controllers in the forest, so all objects must comply with the schema object and attribute definitions.

Configuration Partition:

There is only one configuration partition per forest. The configuration partition is stored on all domain controllers in a forest. The configuration partition contains information about the forest-wide Active Directory structure, including what domains and sites exist, which domain controllers exist in each, and which services are available. Configuration information is replicated to all domain controllers in a forest.

Domain Partition:

There can be many domain partitions per forest. Each domain partition is stored on all of the domain controllers of the given domain. A domain partition holds information about all domain-specific objects created in that domain, including users, groups, computers, and organizational units. The domain partition is replicated to all domain controllers of that domain. All objects in every domain partition in a forest are stored in the Global Catalog, with only a subset of their attribute values.

Replication

The replication process occurs between two domain controllers at a time. Over time, replication synchronizes information in Active Directory for an entire forest of domain controllers. To create a replication topology, Active Directory must determine which domain controllers replicate data with other domain controllers.

This is how name resolution works:

  1. You try to open a web page on the Ignited Soul website: you type http://Ignitedsoul.com in the address bar of your browser and press Enter. That is when name resolution begins.
  2. Your computer sends a request to its local DNS server, or at least to one of the DNS servers listed in its IP configuration settings.
  3. If this server does not have the name in its own database or cache, it sends a referral request to the name server. Because the Ignitedsoul site name ends in .com, the DNS server sends the referral to the .com name server.
  4. The .com name server is the authority for all names that end in the .com suffix. This server knows the location of all DNS servers that are the final authorities for a particular name ending in .com. In this case, it sends the request to the authoritative DNS server for the ignitedsoul.com name.
  5. The DNS server for ignitedsoul.com sends the corresponding IP address for the requested page to the client computer.
  6. The name resolver on the client uses the IP address to request the actual page from its Internet provider.
  7. If the page is not already in the local cache of the Internet provider, it requests the actual page and sends it to the client.

This DNS name resolution process completes within seconds, and the website appears almost as fast as you type the address into the browser, depending also on the speed of your Internet connection and the current load on the requested server. That is what happens while you watch the green progress bar at the bottom of your browser. The actual progress also includes downloading the content, such as the text and graphics, to your own computer.
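To make the referral chain in steps 2 to 5 concrete, here is an added Python example (not code from the original post) that simulates a local DNS server walking from the root server to the .com server to the authoritative server for ignitedsoul.com, and answering from its cache on a repeat query. The server names and addresses are constructed stand-ins from the RFC 5737 documentation ranges, not the real Ignited Soul infrastructure.

```python
# Constructed name servers: each holds the A records it is authoritative for
# and the child zones it refers (delegates) queries to. Addresses are RFC 5737
# documentation values, not the real Ignited Soul servers.
SERVERS = {
    "root":    {"records": {}, "delegations": {"com.": "com-tld"}},
    "com-tld": {"records": {}, "delegations": {"ignitedsoul.com.": "ignitedsoul-ns"}},
    "ignitedsoul-ns": {"records": {"ignitedsoul.com.": "192.0.2.10",
                                   "www.ignitedsoul.com.": "192.0.2.10"},
                       "delegations": {}},
}

def normalize(name):
    """Lower-case and fully qualify: 'Ignitedsoul.com' -> 'ignitedsoul.com.'"""
    return name.strip().lower().rstrip(".") + "."

def in_zone(name, zone):
    """True if name is at or below zone ('www.ignitedsoul.com.' is in 'com.')."""
    return zone == "." or name == zone or name.endswith("." + zone)

def iterative_resolve(name, cache, max_hops=8):
    """What the local DNS server does in steps 2-5: answer from cache if it can,
    otherwise start at the root and follow referrals until an authoritative
    server answers. Returns (address or None, list of servers consulted)."""
    name = normalize(name)
    if name in cache:                       # step 3: found in the local cache
        return cache[name], ["cache"]
    trail, server = [], "root"
    for _ in range(max_hops):               # bound the walk against referral loops
        trail.append(server)
        s = SERVERS[server]
        if name in s["records"]:            # step 5: authoritative answer
            cache[name] = s["records"][name]
            return s["records"][name], trail
        # referral: the most specific delegated zone that covers the name
        zones = [z for z in s["delegations"] if in_zone(name, z)]
        if not zones:                       # authoritative "no such name"
            return None, trail
        server = s["delegations"][max(zones, key=len)]
    return None, trail                      # gave up: too many referrals
```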

There are five common types of routers:

– Wired Router: These devices connect directly to computers using cables. One port on the wired router connects the router to a modem for receiving Internet access, while the other set of ports transmits the data to computers over network cables.

– Wireless Router: This is almost the same as the wired router: the device connects to the modem using a wire, but it can transmit data in two ways, wired and wireless. This device converts the data packets into radio signals.

– Core Router: A core router is a wired or wireless router that distributes Internet data packets within a network, but does not distribute data packets between multiple networks.

– Edge Router: An edge router is a wired or wireless router that distributes Internet data packets between one or more networks, but does not distribute data packets within a network.

– Virtual Router: Unlike a physical wired or wireless router, a virtual router acts as the default router for computers sharing a network. The router functions using the Virtual Router Redundancy Protocol (VRRP), which becomes active when the primary physical router fails or otherwise becomes disabled.

Classless Inter-Domain Routing (CIDR) is a method for allocating IP addresses and routing Internet Protocol packets. It is a way to allocate and specify the Internet addresses used in inter-domain routing more flexibly than with the original system of Internet Protocol (IP) address classes. As a result, the number of available Internet addresses has been greatly increased. CIDR is now the routing system used by virtually all gateway hosts on the Internet’s backbone network.

IP addresses are described as consisting of two groups of bits in the address: the more significant part is the network address, which identifies a whole network or subnet, and the less significant portion is the host identifier, which specifies a particular interface of a host on that network. This division is used as the basis of traffic routing between IP networks and for address allocation policies. Classful network design for IPv4 sized the network address as one or more 8-bit groups, resulting in the blocks of Class A, B, or C addresses. Classless Inter-Domain Routing allocates address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. In IPv6, however, the interface identifier has a fixed size of 64 bits by convention, and smaller subnets are never allocated to end users.

CIDR notation is a syntax of specifying IP addresses and their associated routing prefix. It appends to the address a slash character and the decimal number of leading bits of the routing prefix, e.g., 192.0.2.0/24 for IPv4, and 2001:db8::/32 for IPv6.
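An added Python example (not from the original post) that parses CIDR notation on any bit boundary, as described above, and then applies the same prefix arithmetic to the subnet-object-to-site mapping from the Sites section: a client address is assigned to the site whose subnet object matches it most specifically. The subnets and site names are constructed to mirror the London/Boston scenario and are assumptions, not real objects.

```python
MAX32 = 0xFFFFFFFF

def ip_to_int(addr):
    """Dotted quad -> 32-bit integer, validating each octet."""
    parts = [int(p) for p in addr.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("bad IPv4 address: %s" % addr)
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def mask_for(prefix):
    """Prefix length -> netmask; CIDR allows any length 0..32, not just 8/16/24."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length out of range: %d" % prefix)
    return (MAX32 << (32 - prefix)) & MAX32

def parse_cidr(cidr):
    """'192.0.2.0/24' -> (network_int, prefix). Host bits set below the prefix
    (e.g. 192.0.2.5/24) are refused rather than silently truncated."""
    addr, prefix = cidr.split("/")
    net, prefix = ip_to_int(addr), int(prefix)
    if net & ~mask_for(prefix) & MAX32:
        raise ValueError("host bits set in network address: %s" % cidr)
    return net, prefix

def describe(cidr):
    """Network, mask, broadcast and usable host count for a block."""
    net, prefix = parse_cidr(cidr)
    size = 1 << (32 - prefix)
    usable = size - 2 if prefix < 31 else size   # /31 and /32 have no net/bcast pair
    return {"network": int_to_ip(net), "mask": int_to_ip(mask_for(prefix)),
            "broadcast": int_to_ip(net | (size - 1)), "usable_hosts": usable}

# Subnet objects associated with sites (constructed for the London/Boston
# scenario above; the /8 catch-all stands in for the default site).
SUBNET_TO_SITE = {"10.1.0.0/24": "London", "10.1.1.0/24": "London", "10.1.2.0/24": "London",
                  "10.2.0.0/24": "Boston", "10.2.1.0/24": "Boston",
                  "10.0.0.0/8": "Default-First-Site-Name"}

def site_for_client(ip):
    """Longest-prefix match: the most specific subnet object decides the site,
    so 10.1.1.77 lands in London rather than in the /8 catch-all."""
    n, best = ip_to_int(ip), None
    for cidr, site in SUBNET_TO_SITE.items():
        net, prefix = parse_cidr(cidr)
        if n & mask_for(prefix) == net and (best is None or prefix > best[0]):
            best = (prefix, site)
    return best[1] if best else None
```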

Symptoms: The device is connected to the network and you can ping the IP address assigned to it by DHCP, but you cannot access the device through the web interface or through a network share.

The issue persists even after you have installed the software provided on the CD-ROM.

Resolution 1:

I found a very easy solution for the issue. As you know, there is a small switch below the USB port, labelled AUTO, ON and OFF, as in the picture below (marked).

By default the switch was on AUTO, so I was not able to access the shares or the web interface.

I changed it to ON, and within a few seconds I was able to access the shares and the web interface too.

Note: The green light blinks when the switch is at AUTO. As soon as the switch is changed to ON, the blue light starts to blink.

Resolution 2:

Reset the device. (*IMPORTANT: Make sure you have a backup of the data on another device or a computer.)

– Please switch the device to OFF and wait until the lights are off.

– Hold the function button for 10 seconds while the device is still off.

– While still holding the function button after 10 seconds, please flip the switch to off.

– Once the function light begins to blink, release the function button and press it again for one second.

– Wait until the power light is solid; this restores your unit.

*This process will not delete any data; it only restores the admin password and sets the IP address back to DHCP.

Also check for antivirus and firewall blocks, as they may also come into the picture.

Other posts related to backup:

Robocopy error 5 (0x00000005) changing file attributes: access is denied

What is Backup?

VM Backup

This error may occur if the reported folder is not accessible to the service account under which the backup is configured.

I use the Robocopy command below to back up my files to a network drive:

Robocopy "Source Folder" "Target Folder" /e /r:3 /w:1 /sec /mir /z /b /np /log:c:\Backup.log

The switches used in the command above are described below:

/e: Copies subdirectories.

/r: Retry option: the number of retries on a failed copy.

/w: Wait time between retries.

/sec: Copies the security permissions along with the files, the same as on the source folder.

/mir: Mirrors the directory tree (the same as /e and /purge together).

/z: Copies files in restartable mode.

/b: Copies files in backup mode.

/np: Does not display the progress of the copy operation (the % progress of each file).

/log: Writes a log file at the given path (here the root of C:) so that you have the details of the copy.

Error 5 can have multiple causes; include the switches below to troubleshoot it:

  1. Use the /FFT switch to assume FAT file times (2-second granularity). Although the target folder is NTFS/FAT, these file systems also implement file times with 2-second granularity.
  2. Turn off attribute copying. Robocopy uses /COPY:DAT by default, which copies data, attributes and timestamps. Turn off attribute copying by explicitly setting /COPY:DT.

This should resolve the error 5 issue with Robocopy.

The final Robocopy command looks like this:

Robocopy "Source Folder" "Target Folder" /e /r:3 /w:1 /sec /mir /z /b /np /COPY:DT /FFT /log:c:\Backup.log

You may also find that some of the files generated automatically by Windows, such as Thumbs.db or Desktop.ini, do not back up.

You can exclude these files by adding the /XF switch to the command.

You may also exclude unwanted folders from the backup; for that, use /XD.

Example command to exclude the unwanted files or folders:

Robocopy "Source Folder" "Target Folder" /e /r:3 /w:1 /sec /mir /z /b /np /COPY:DT /FFT /XF *.ini thumbs.db /XD .trash /log:c:\Backup.log
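As an added Python example (not part of the post), the parser below reads a Robocopy log, picks out the ERROR lines, and maps error 5 entries to the switches recommended above: attribute failures to /COPY:DT and /FFT, Windows-generated files to /XF. The log excerpt is constructed for the example; its line layout follows Robocopy's usual "date time ERROR code (0xhex) operation path" format.

```python
import re

# Constructed Robocopy log excerpt (not a real log from the post); the line
# layout follows Robocopy's "date time ERROR code (0xhex) operation path" format.
SAMPLE_LOG = """\
2012/01/10 10:22:33 ERROR 5 (0x00000005) Changing File Attributes D:\\Data\\Reports\\q4.docx
Access is denied.
Waiting 1 seconds... Retrying...
2012/01/10 10:22:35 ERROR 5 (0x00000005) Copying File D:\\Data\\Thumbs.db
Access is denied.
2012/01/10 10:22:36 ERROR 2 (0x00000002) Accessing Source Directory D:\\Data\\Old\\
The system cannot find the file specified.
"""

ERROR_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) ERROR (?P<code>\d+) "
    r"\((?P<hex>0x[0-9A-Fa-f]{8})\) (?P<op>[A-Za-z ]+?) (?P<path>[A-Za-z]:\\.*|\\\\.*)$")

def parse_robocopy_log(text):
    """One dict per ERROR line: timestamp, numeric code, hex code, operation, path."""
    errors = []
    for line in text.splitlines():
        m = ERROR_RE.match(line)
        if m:
            entry = m.groupdict()
            entry["code"] = int(entry["code"])
            errors.append(entry)
    return errors

AUTO_FILES = {"thumbs.db", "desktop.ini"}   # Windows-generated files the post excludes

def suggest_switches(errors):
    """Map error 5 entries to the switches recommended above: attribute failures
    need /COPY:DT and /FFT, auto-generated files are skipped with /XF."""
    switches = set()
    for e in errors:
        if e["code"] != 5:                   # only access-denied errors are handled
            continue
        filename = e["path"].rstrip("\\").rsplit("\\", 1)[-1].lower()
        if filename in AUTO_FILES:
            switches.add("/XF Thumbs.db Desktop.ini")
        elif e["op"] == "Changing File Attributes":
            switches.update(["/COPY:DT", "/FFT"])
    return sorted(switches)
```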

Hope you have an error-free Backup 🙂

Other Posts related to backup:

https://ignitedsoul.com/2011/12/16/vm-backup-win-server-2008-r2-hyper-v/

https://ignitedsoul.com/2011/08/19/what-is-a-backup/

If a DNS server does not have an entry in its database for the remote host specified in a client request, it can respond to the client with the address of a DNS server more likely to have that information, or it can query the other DNS server itself. This process can take place recursively until either the client computer receives the IP address or the DNS server establishes that the queried name cannot be resolved. DNS servers to which other DNS servers forward requests are known as forwarders.

The Windows Server 2008 DNS Server service extends the standard forwarder configuration with conditional forwarders. A conditional forwarder is a DNS server that forwards DNS queries according to the DNS domain name in the query. For example, you can configure a DNS server to forward all the queries it receives for names ending in Ignitedsoul.com to the IP address of one or more specified DNS servers. This feature is particularly useful on extranets, where several organizations and domains access the same private internetwork.
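An added Python example (not code from the post) of how a conditional forwarder selects the forwarder list for a query by the domain name in the query. The forwarder addresses are constructed RFC 5737 documentation values, and matching is done on whole labels so that a name such as notignitedsoul.com does not match the Ignitedsoul.com entry.

```python
# Conditional forwarders keyed by DNS domain; addresses are constructed
# RFC 5737 documentation values, not real servers.
CONDITIONAL_FORWARDERS = {
    "ignitedsoul.com": ["192.0.2.53", "192.0.2.54"],
    "corp.ignitedsoul.com": ["198.51.100.53"],
}
DEFAULT_FORWARDERS = ["203.0.113.53"]   # used when no conditional entry matches

def labels(name):
    """Split a DNS name into lower-case labels; trailing dot and case are ignored."""
    return name.strip().lower().rstrip(".").split(".")

def pick_forwarders(qname):
    """Return (matched_domain, forwarders) for a query name.
    Matching is on whole labels, so 'notignitedsoul.com' does not match
    'ignitedsoul.com', and the longest matching domain wins."""
    q = labels(qname)
    best = None
    for domain in CONDITIONAL_FORWARDERS:
        d = labels(domain)
        if len(d) <= len(q) and q[-len(d):] == d:
            if best is None or len(d) > len(labels(best)):
                best = domain
    if best is None:
        return None, DEFAULT_FORWARDERS
    return best, CONDITIONAL_FORWARDERS[best]
```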

Other Posts Related to DNS:

https://ignitedsoul.com/2012/01/25/dns-record-keeping/