260 likes | 297 Views
2.3. Plan Active Directory. TestOut Server Pro 2016: Identity. Active Directory Replication. Section Skill Overview. Manage Active Directory replication. Configure intrasite replication. Configure intersite replication. TestOut Server Pro 2016: Identity. Key Terms.
E N D
2.3 Plan Active Directory TestOut Server Pro 2016: Identity Active Directory Replication
Section Skill Overview • Manage Active Directory replication. Configure intrasite replication. Configure intersite replication. TestOut Server Pro 2016: Identity
Key Terms • Site Link Bridge Bridgehead Server Connection Site Link Cost Distributed File System (DFS) File Replication Service (FRS) TestOut Server Pro 2016: Identity
Key Definitions • Site Link Bridge: A collection of two or more site links that can be grouped as a single logical link. Bridgehead Server: A domain controller in a site that replicates with domain controllers in other sites. Connection: A logical communication channel between domain controllers. Site Link Cost: A number assigned to a site link that identifies the overall relative cost of using that site link. The cost is used to select the optimal path between sites when more than one path exists. TestOut Server Pro 2016: Identity
Key Definitions • Distributed File System (DFS): A set of client and server services that allow an organization using Microsoft Windows servers to organize many distributed SMB file shares into a distributed file system. File Replication Service (FRS): Used for replicating the Distributed File System folder (SYSVOL) for Microsoft Server preceding Windows Server 2008 R2. TestOut Server Pro 2016: Identity
Site Link Objects • IP site links: • Support all types of replication. • Must allow RPC traffic through firewall to replicate. • Are used in nearly all cases (99.9%). • SMTP site links: • Are used between sites without reliable, persistent links. • Have several drawbacks: • Only transfers schema, configuration, and application partition data. • Do not transfer domain data. • Require an Enterprise Certification Authority and an SMTP server at each end of the link. TestOut Server Pro 2016: Identity
Site Link Cost • An arbitrary number used to favor faster connections. • Slower connections are avoided by using a higher cost number. • Active Directory always chooses the least cumulative cost. TestOut Server Pro 2016: Identity
Replicating from Site A to Site D TestOut Server Pro 2016: Identity
Site Link Cost Comparison TestOut Server Pro 2016: Identity
Site Link Schedules • Define when Active Directory replication can occur. • May be set to avoid replication during peak traffic of limited bandwidth. TestOut Server Pro 2016: Identity
Site Link Schedules • Define when Active Directory replication can occur. • May be set to avoid replication during peak traffic of limited bandwidth. • Should overlap between sites with no direct connections. TestOut Server Pro 2016: Identity
Site Link Schedule Overlap TestOut Server Pro 2016: Identity
Site Link Frequency • Determines how often to replicate Active Directory. • Has a default value of 180 minutes (3 hours). • Has a valid range of 15 to 10,080 minutes. • Increases traffic and lowers latency if it is lowered. • Decreases traffic and increases latency if it is increased. TestOut Server Pro 2016: Identity
Site Link Bridges TestOut Server Pro 2016: Identity
Site Link Bridges TestOut Server Pro 2016: Identity
Site Link Bridges TestOut Server Pro 2016: Identity
Replication Types – Intrasite • Replication between two or more domain controllers located in the same site. • Completed by Knowledge Consistency Checker (KCC). • Runs every 15 minutes by default. • Chooses replication partners according to the rule of three. Rule of Three 1 2 3 TestOut Server Pro 2016: Identity
Replication Types – Intrasite • Replication between two or more domain controllers located in the same site. • Completed by Knowledge Consistency Checker (KCC). • Runs every 15 minutes by default. • Chooses replication partners according to the rule of three. • Creates automatic connection objects. • Stops creating automatic connections if manual connection objects are created. TestOut Server Pro 2016: Identity
Replication Types – Intersite BridgeheadServers • Replication that occurs between sites. • Replication occurs only between bridgehead servers. • The ISTG selects the bridgehead servers. • Updates between bridgehead servers use intersite. • Updates from bridgehead servers to other domain controllers uses intrasite. • Bridgehead server can be manually assigned. • If manually assigned, ISTG will stop designating bridgehead servers for the site. • If manually assigned, Microsoft suggests selecting at least two preferred bridgehead servers. Site B Intrasite Intersite Site A Intrasite TestOut Server Pro 2016: Identity
Viewing and Troubleshooting Replication • Repadmin can be used to: • View the replication topology. • Troubleshoot logon issues and replication problems. • Force all domain controllers to replicate with all other domain controllers:repadmin /syncall • Verify replication: repadmin /showrepl TestOut Server Pro 2016: Identity
SYSVOL Replication Facts TestOut Server Pro 2016: Identity
SYSVOL Replication Facts TestOut Server Pro 2016: Identity
In-Class Practice Do the following labs: • 2.3.5 Configure Intrasite Replication 2.3.6 Configure Intersite Replication TestOut Server Pro 2016: Identity
Class Discussion • What types of trusts are enabled by default for site link bridges? How do you establish bidirectional communications between domain controllers? How does intrasite replication differ from intersite replication? What are the different ways you can force replication? What are three ways you force a certain path between sites for replication? What is the process for migrating from FRS replication to DFS replication when the domain is at Windows Server 2003 functional level? During which migration stages are you able to roll back the migration? TestOut Server Pro 2016: Identity