Solved

Domain controller question...

Posted on 2002-05-29
4
151 Views
Last Modified: 2010-04-13
I know I should already know this, but something always confused me. I know that domain controllers in 2k environments replicate with each other... but this is what I never understood:

Ok, say I have two DC's in different locations, they connect through a DSL connection. Ok, so let's say you go in on DC1 and change a password on a user account. And then let's say you go in on DC2 and change the same user's password to something different.

When the DC's finally do replicate, which change does it take as gospel? Is it the one that was last made?

Also, in situations like I just named where the DC's are not in the same physical location and replicate over a medium such as a DSL line, how often does replication take place? By default I mean.
0
Comment
Question by:Gabe_Rivera
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:st_steve
ID: 7044237
I believe the replication interval for slow connections is 3 hours. I THINK, but please don't quote me. I'll confirm this with you later on.

Have a look at these links for things that govern when there are version update conflicts:

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q230123

http://support.microsoft.com/default.aspx?scid=kb;EN-US;q225511
0
 
LVL 1

Author Comment

by:Gabe_Rivera
ID: 7044492
That's a good start man, thanks for the links.

So if I understand this right, basically it's saying the most severe of actions takes rights over the more minor change?
0
 
LVL 1

Author Comment

by:Gabe_Rivera
ID: 7050986
Bueller? Anyone?
0
 
LVL 6

Accepted Solution

by:
st_steve earned 75 total points
ID: 7051019
That's correct. And even the "ID" of the domain controller takes preferences in resolving version conflicts. Say for example, one Admin changes a user's password on Domain Controller (DC) A. At the same time, another Admin changes the same user's password. What happens then? The actions of the Admin who is connected to PDC Emulator will be written to AD. Because PDC Emulator has the most piority in terms of password changes. (That's why you should always connect to the domain controller with PDC Emulator role when using AD Users and Computers).

I "think" there are three properties that Windows 2000 uses to resolve version conflicts. If I remember correctly, they are: Time stamps, DC ID and Sequence numbers. (Not sure, it's been a while since I've studied for MCSE..hehe)

Search for info on M$ site.

Bueller?
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now