………
How AD DS Replication Works
Active Directory replication:
• Uses a multimaster model
• Uses pull replication
• Uses store and forward replication
• Uses loose consistency with convergence
Changes that initiate replication include:
• Addition of an object to AD DS
• Modification of an object’s attribute values
• Deletion of an object from the directory
How AD DS Replication Works Within a Site
In a single site:
• Domain controllers notify replication partners when updates are applied
• For normal updates, the change notification happens 15 seconds after the change is applied
• Notifications for security-related changes are sent immediately
• Replication updates are not compressed
Resolving Replication Conflicts
In a multimaster replication model, replication conflicts can arise when:
• The same attribute is changed on two domain controllers simultaneously
• An object is moved or added to a deleted container on another domain controller
• Two objects with the same relative distinguished name are added to the same container on two different domain controllers
Optimizing Replication
• In a multimaster replication model, AD DS up datescan be replicated using multiple paths
• AD DS uses update sequence numbers, high watermarks, and up-to-dateness vectors to ensure that updates are replicated to a specific domain controller only once
How the Replication Topology Is Generated
• Each domain controller has two replication partners for each Active Directory partition
• The KCC creates two one-way connection objects between replication partners to ensure that no two domain controllers are ever more than three network hops away
• When a new domain controller is added to a site, the KCC recalculates connection objects
• Connection objects can replicate one or more partitions
Active Directory uses the KCC to establish a replication path between domain controllers
Discussion: Why Implement Additional Sites?
• Why would an organization choose to implement additional sites?
• What are the benefits and disadvantages of creating additional sites?
Demonstration: Configuring AD DS Sites
In this demonstration, you will see how to:
• Create sites and subnets
• Move domain controllers to other sites