
AD Replication Part1 help

I need some help in understanding the concepts of AD replication.

Initiating the replication can be done the following way:- Initiating Replication Using the Sites and Services Manager Snap-in

   1. Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
   2. Expand the Sites container in the left pane. Expand the container that represents the name of the site containing the target server that needs to be synchronized with its replication partners.
   3. Expand the Servers container, and then expand the target server to display the NTDS Settings object (an object that represents settings for the domain controller).
   4. Click the NTDS Settings object. The connection objects in the right pane represent the target server's direct replication partners.
   5. Right-click a connection object in the right pane, and then click Replicate Now. Windows 2000 initiates replication of any changes from the source server (the server represented by the connection object) to the target server for all directory partitions the target server is configured to replicate from the source server.

*********Now can the same procedure be adopted for Exchange 2007 and Exchange 2010?**********

Further to it:-

How Replication is Tracked

    * USN - Each object has an Update Sequence Number (USN), and if the object is modified, the USN is incremented. This number is different on each domain controller.
    * Stamps - Each object has a stamp with the version number, timestamp, and the GUID of the domain controller where the change was made

********Please provide any example to the USN. Where can I find USN?**********
******Please tell any example of stamp and where can I find it. How GUID is different from SID, where can I find GUID?*********

Domain controllers each contain a "replica" which is a copy of the domain directory. The "directory update type" indicates how the data is replicated. The two types are:

    * Origination update - A change made by an administrator at the local domain controller.
    * Replicated update - A change made to the replica because of a replication from a replication partner.

********Where can I find the Origination Update and Replicated update?***************

Replication Sequence


    * Latency - The required time for all updates to be completed throughout all domain controllers on the network domain or forest.
    * Convergence - The state at which all domain controllers have the same replica contents of the Active directory database.
    * Loose consistency - The state at which all changes to the database are not yet replicated throughout all controllers in the database (not converged).

*************How can I monitor Latency, Convergence, Loose consistency? What are their causes and how can we avoid them? What are replication partners? What vulnerabilities can occur? ************

1 Solution
Go to Active Directory and click to view + and advanced functionality,
and right click on the object properties + and then object.
See the picture attached.

kunalclk (Author) Commented:
joensw hablo espenoiel; si pokito pokito por favour. Please give any explanation since I need help to learn the skills. I do not have a server installed. Kindly provide some discussion from your end, not just from any book or internet site. I am a novice.

in this link go to Directory Replication
kunalclk (Author) Commented:
It takes long to open. Can you just type and brief me with the idea since the book language makes it confusing.
Using the Active Directory, any domain controller can receive updates or additions to the Active Directory database. These changes are propagated to other domain controllers based on update sequence numbers (USNs). The USN is a 64-bit number used by the Active Directory to determine which updates are the most recent. In addition to the server's USN, each property (or attribute) in the database has its own property version number. These two numbers are used by multimaster replication to ensure that updates are correctly applied throughout the enterprise.
Because all replicas of the directory database can be written to, it is possible that a change can be made before a previous change has been fully replicated throughout the enterprise. Some directory databases use timestamps to determine which update is the most recent. This method requires that every server be tightly synchronized with all other servers with respect to the correct time. Windows 2000 does provide a time service that can be used to synchronize servers, but with one exception: The timestamp is not the method used to determine which is the correct update to apply to a directory update message.

Each server in a network has its own USN, which it advances when it makes an update to the directory. Each server also stores a table of USNs: the highest USN it has received during previous replications from each server in the network. When replication starts, a server requests from other servers only those changes that have a higher USN than the one it has stored for each server during previous replication sessions. This minimizes the amount of information that needs to be exchanged between servers during the replication procedure. Because each server knows exactly which changes it has received from every other server in the network, replication between servers is efficient.

This method also allows a server to recover quickly when it crashes or some other failure, such as a network failure, occurs. All it must do is request updates that are greater than the USN it has stored for the other servers in the network. This means that a full replication between servers is not necessary in the event of a catastrophe.
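
The USN bookkeeping described in the answer above, as an added Python sketch that is not part of the original thread and is not Active Directory code. The `DC` class, the `title` attribute and the timestamps are constructed for illustration, the DC name stands in for its GUID, and the stamp comparison order (version, then timestamp, then originating DC GUID) is the rule assumed for resolving conflicting writes.

```python
from dataclasses import dataclass, field

@dataclass
class DC:
    name: str                                      # stands in for the DC's GUID in stamps
    usn: int = 0                                   # this DC's own local USN counter
    attrs: dict = field(default_factory=dict)      # attr -> (value, stamp, local_usn)
    watermark: dict = field(default_factory=dict)  # source DC -> highest USN received

    def originate(self, attr, value, ts):
        """Originating update: a write made directly on this DC."""
        self.usn += 1
        version = self.attrs[attr][1][0] + 1 if attr in self.attrs else 1
        self.attrs[attr] = (value, (version, ts, self.name), self.usn)

    def changes_since(self, usn):
        """What a partner asks for: only changes above its stored watermark."""
        return sorted((u, a, v, s) for a, (v, s, u) in self.attrs.items() if u > usn)

    def pull_from(self, src):
        """Replicated update: apply the partner's changes, highest stamp wins."""
        sent = src.changes_since(self.watermark.get(src.name, 0))
        for _, attr, value, stamp in sent:
            if attr not in self.attrs or stamp > self.attrs[attr][1]:
                self.usn += 1          # local USN advances; the stamp is kept as-is
                self.attrs[attr] = (value, stamp, self.usn)
        self.watermark[src.name] = src.usn
        return len(sent)

def demo():
    a, b = DC("DC-A"), DC("DC-B")
    a.originate("title", "Engineer", ts=100)
    first = b.pull_from(a)             # one change crosses the wire
    second = b.pull_from(a)            # nothing above the watermark, nothing sent
    # Conflicting writes on both DCs before they replicate: both are version 2,
    # so the later timestamp in the stamp decides, not the local USNs.
    a.originate("title", "Manager", ts=200)
    b.originate("title", "Director", ts=205)
    a.pull_from(b)
    b.pull_from(a)                     # change is offered back but its stamp is not newer
    return first, second, a.attrs["title"][0], b.attrs["title"][0], a.usn, b.usn

if __name__ == "__main__":
    print(demo())
```

After the last two pulls both replicas hold the same value (convergence) even though their local USNs differ, which is why USNs are only comparable on the DC that issued them.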