70-240 in 15 minutes a week: Kerberos and Active Directory Replication Page 3




Another important
consideration when setting up site links is the
protocol that the site link will use. Active
Directory supports site links via RPC (referred to
as IP in the interface) as well as SMTP. Within a
site, domain controllers use RPC. You should note
that you would most often use RPC, since SMTP does
not support replicating the domain partition between
domain controllers in the same domain (this is
mainly because the Sysvol folder is replicated using
FRS, which uses RPC only). SMTP does, however, support
replication of the Schema, Configuration, and Global
Catalog partitions. SMTP is useful for distributed
environments with unreliable WAN links. 

By default, all site links that you create are
bridged (transitive). What that means is that in
calculating the best path for replication, all site
links are considered. 


For example, in
the diagram above, replication between sites A and D
would occur over the least cost path, which would be
over the bridge automatically created – ABD, which
has a cost of 20. Note that the alternative AD has a
cost of 200, and bridge ACD has a cost of 110. In
looking at all available site links, AB and BD were
bridged to form the lowest cost path available. Site
links are created in AD Sites and Services. As a
best practice, you might consider naming site links
after the sites that they connect.

In some
situations, such as when your network is not fully
routed, you may need to manually create site link
bridges in order for replication to have a path to
follow. If this were the case, you could turn off
the automatic bridging of all site links and define
the bridges that you wish to exist in AD Sites and
Services. Note that site link bridges do not need to
be created in a fully routed network, since all site
links are bridged by default, allowing the lowest
cost replication path to be calculated
automatically. You should also note that Active
Directory does not control the Layer 3 routing of
data – site links allow replication between sites
and control which sites are connected for the
purpose of replication. The actual path that the
data will follow over the physical network depends
on how routing has been configured in your
environment.
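
The least-cost calculation from the A-to-D example, and the effect of turning off automatic bridging described above, can be modelled in a few lines. This is an added example, not code from the original article or from Active Directory itself. The per-link costs are assumptions chosen to match the path totals given (ABD = 20, ACD = 110, AD = 200), and the function names are hypothetical.

```python
import heapq

# Constructed site links: the page gives only path totals (ABD=20, ACD=110,
# AD=200); the per-link split below is an assumption that matches them.
SITE_LINKS = {
    "AB": ("A", "B", 10),
    "BD": ("B", "D", 10),
    "AC": ("A", "C", 10),
    "CD": ("C", "D", 100),
    "AD": ("A", "D", 200),
}

def _dijkstra(links, src, dst):
    """Cheapest (cost, path) from src to dst using only the given links."""
    graph = {}
    for a, b, cost in links:
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    heap, seen = [(0, [src])], set()
    while heap:
        cost, path = heapq.heappop(heap)
        site = path[-1]
        if site == dst:
            return cost, path
        if site in seen:
            continue
        seen.add(site)
        for nxt, c in graph.get(site, []):
            if nxt not in seen:
                heapq.heappush(heap, (cost + c, path + [nxt]))
    return None  # no replication path over these links

def least_cost_path(src, dst, links=SITE_LINKS, bridges=None):
    """bridges=None models the default (all site links bridged).
    Otherwise bridges is a list of sets of link names: links chain only
    inside one bridge, and any single link is usable on its own."""
    if bridges is None:
        groups = [set(links)]
    else:
        groups = [{name} for name in links] + [set(b) for b in bridges]
    results = [_dijkstra([links[n] for n in g], src, dst) for g in groups]
    results = [r for r in results if r is not None]
    return min(results) if results else None
```

With the default bridging, A to D resolves to ABD at cost 20. With bridging off and no bridges defined, only the direct AD link at cost 200 remains, and sites with no direct link (B and C here) have no path at all.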

You should also be aware of the replication
troubleshooting tools that exist. The two main tools
are Replication Monitor (Replmon.exe) and
Repadmin.exe. Replication Monitor is installed along
with other advanced tools from the SupportTools
directory on the Advanced Server CD, and provides a
great deal of information about the replication
environment including the ability to view USNs, view
replication partners, view replication status on a
server, trigger replication between partners, and so
forth. Repadmin is a useful command-line tool, but
provides information about only a single domain
controller at a time. 

That brings us to the end of this article. Next week
we’ll finish off the Active Directory portion of
the series with a look at managing the Active
Directory database and operations masters, as well
as a look at Remote Installation Services. As
always, feel free to contact me with your questions
and comments, but please be sure to post all
technical messages to my message board. Until next
week, best of luck with your studies.

Dan
