70-240 in 15 minutes a week: Kerberos and Active Directory Replication Page 3

By ServerWatch Staff
Posted Jun 29, 2001


Another important consideration when setting up site links is the protocol that the site link will use. Active Directory supports site links via RPC (referred to as IP in the interface) as well as SMTP. Within a site, domain controllers use RPC. Note that you will most often use RPC between sites as well, since SMTP does not support replicating the domain partition between domain controllers in the same domain (this is mainly because the Sysvol folder is replicated using FRS, which uses RPC only). SMTP does, however, support replication of the Schema, Configuration, and Global Catalog partitions. SMTP is useful for distributed environments with unreliable WAN links.

By default, all site links that you create are bridged (transitive). What that means is that in calculating the best path for replication, all site links are considered. 

For example, in the diagram above, replication between sites A and D would occur over the least cost path, which is the automatically created bridge ABD, with a cost of 20. Note that the alternative AD has a cost of 200, and bridge ACD has a cost of 110. In looking at all available site links, AB and BD were bridged to form the lowest cost path available. Site links are created in AD Sites and Services. As a best practice, you might consider naming site links after the sites that they connect.

In some situations, such as when your network is not fully routed, you may need to manually create site link bridges in order for replication to have a path to follow. If this were the case, you could turn off the automatic bridging of all site links and define the bridges that you wish to exist in AD Sites and Services. Note that site link bridges do not need to be created in a fully routed network, since all site links are bridged by default, allowing the lowest cost replication path to be calculated automatically. You should also note that Active Directory does not control the Layer 3 routing of data. Site links allow replication between sites and control which sites are connected for the purpose of replication. The actual path that the data will follow over the physical network depends on how routing has been configured in your environment.
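The cost comparison for sites A and D, and the effect of turning off automatic bridging, can be worked through in a short model. This is an added example, not code from the article or from Active Directory. The per-link costs are constructed so that the path totals match the article (ABD = 20, ACD = 110, AD = 200), the function names are hypothetical, and the rule that a manual bridge only chains the links placed inside it is a simplifying assumption.

```python
import heapq

# Constructed per-link costs chosen so the path totals match the article:
# A-B-D = 20, A-C-D = 110, A-D = 200. Links are named after the sites they connect.
SITE_LINKS = {"AB": ("A", "B", 10), "BD": ("B", "D", 10),
              "AC": ("A", "C", 100), "CD": ("C", "D", 10),
              "AD": ("A", "D", 200)}

def _dijkstra(links, src, dst):
    """Cheapest (cost, [sites]) from src to dst using only the given links."""
    graph = {}
    for a, b, cost in links:
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    queue, seen = [(0, [src])], set()
    while queue:
        cost, path = heapq.heappop(queue)
        site = path[-1]
        if site == dst:
            return cost, path
        if site in seen:
            continue
        seen.add(site)
        for nxt, link_cost in graph.get(site, []):
            if nxt not in seen:
                heapq.heappush(queue, (cost + link_cost, path + [nxt]))
    return None  # no replication path between the two sites

def best_route(src, dst, bridge_all=True, bridges=()):
    """Simplified route selection: with bridge_all every link is transitive;
    otherwise a route is one site link or a chain inside a single bridge."""
    if bridge_all:
        return _dijkstra(SITE_LINKS.values(), src, dst)
    candidates = [[SITE_LINKS[n]] for n in SITE_LINKS]           # single links
    candidates += [[SITE_LINKS[n] for n in b] for b in bridges]  # manual bridges
    routes = [r for r in (_dijkstra(c, src, dst) for c in candidates) if r]
    return min(routes) if routes else None

if __name__ == "__main__":
    print(best_route("A", "D"))                    # all links bridged (default)
    print(best_route("A", "D", bridge_all=False))  # only the direct link remains
    print(best_route("A", "D", bridge_all=False, bridges=[("AC", "CD")]))
    print(best_route("B", "C", bridge_all=False))  # no link, no bridge: no path
```

The last call shows why disabling automatic bridging requires defining bridges by hand: sites B and C share no site link, so without a bridge the model finds no replication path between them.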

You should also be aware of the replication troubleshooting tools that exist. The two main tools are Replication Monitor (Replmon.exe) and Repadmin.exe. Replication Monitor is installed along with other advanced tools from the Support\Tools directory on the Advanced Server CD, and provides a great deal of information about the replication environment including the ability to view USNs, view replication partners, view replication status on a server, trigger replication between partners, and so forth. Repadmin is a useful command-line tool, but provides information about only a single domain controller at a time. 

That brings us to the end of this article. Next week we'll finish off the Active Directory portion of the series with a look at managing the Active Directory database and operations masters, as well as a look at Remote Installation Services. As always, feel free to contact me with your questions and comments, but please be sure to post all technical messages to my message board. Until next week, best of luck with your studies.

Dan

Page 3 of 3

