• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 917
  • Last Modified:

Intersite Active Directory replication schedule question

I have a question about intersite AD replication.

I have a multi-site domain (single domain, 2003 domain/forest level) with sites in the UK, Australia, USA and Germany.

The schedule of the IP site link between the UK and Australia sites is set to constant and the replication interval is set to 90 minutes.  Both sites are using the correct site links.

I was under the impression that this means any changes made in the UK would be replicated every 90 minutes, so if a user was created in the UK, for example, it could be up to 90 minutes before it shows up in Australia.

However, I've just been troubleshooting a user creation issue and whilst using replmon I can see that replication occurs for the domain partition every 15 minutes between sites.  This was reflected in the speed it took for a user created in Australia to appear in the UK without any manual intervention.

This not really a problem but a question as I was expecting to see replication every 90 minutes as configured in the replication interval.

Can someone explain why this is?

More info upon request! Replication settings
0
Wilkip
Asked:
Wilkip
  • 8
  • 5
  • 2
  • +2
2 Solutions
 
Mike KlineCommented:
Can you check to see if you have change notification enabled

http://www.activedir.org/Articles/tabid/54/articleType/ArticleView/articleId/40/Default.aspx

Thanks

Mike
0
 
WilkipAuthor Commented:
Hi Mike,

No, change notification is not enabled for any of the IP links.  The options value is "not set".  Wouldn't this only affect things like password lockouts and changes or does it affect normal changes as well?

Cheers,

Pete
0
 
Vinchenzo-the-SecondCommented:
Do you have "Bridge All Site Links" enabled (Right click "IP" in Inter-Site Transports and choose properties)  It might be getting replicated from another site becasue this is enabled.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
WilkipAuthor Commented:
Hi Vinchenzo,

Yes, bridge all site links is enabled but replmon shows the replication in question to be specifically between the DC in the UK and the DC in Australia.  I can see replication happening every 15 minutes between these two DCs, or at least that is what it looks like.  It is 15 minutes exactly, to the second.

Cheers
0
 
Mike ThomasConsultantCommented:
Check the replication schedules between DC's at both sites, rather than the schedules set on the site links. I am betting they are configured to the max 4 times per hour so every 15 mins.

Go into the site expand the server > NTDS Settings in the right pane right click the relevant connection do properties and check the schedules.

Adjust as per your requirements.

0
 
Vinchenzo-the-SecondCommented:
Remove the site bridge and recreate it setting the schedule to 90mins?
0
 
WilkipAuthor Commented:
Hi Mojotech - yes the schedule on the DC itself is set to 4 times per hour but it was my understanding that the actual replication between sites is controlled by the replicate interval on the site link, i.e. 90 minutes in our configuration.

Do the NTDS settings override the site link configuration?
0
 
Mike ThomasConsultantCommented:
Site links should take president and not so much over ride NTDS as such more close the window of opertunity.

Try to modify NTDS like I said and see if that changes, then maybe check all site links and bridging and see if replication is going via another route.
0
 
WilkipAuthor Commented:
OK , I'll change the schedule and see what effect that has.  I'll reply once I've had a chance to evaluate.

Vinchenzo - I'll bear your comment in mind as well and see if this changes things to 90 minutes after I've had a chance to see the effect of changin the schedule.

Back in a while....
0
 
WilkipAuthor Commented:
OK, I changed the schedule on the NTDS settings to 30 minutes and the replication now happens every 30 minutes.  So it appears that the NTDS settings are reponsible for the timing, even though the site link is supposed to replicate only every 90 minutes.

My next questions is.... why?!  I've always thought that the site link had ultimate control over what goes across the link and when, and I have designed things with this in mind.  However, the more I look round the relication events it looks like the schedule on the NTDS settings is controlling the timing.  I thought the idea was to queue replication events until the replicate interval is up then throw them all across to the other site at the specific interval.
0
 
Mike ThomasConsultantCommented:
I have been doing some reading and I am not sure how accurate my conclusions are but it seems that when you change a settings it is possible that you become the owner of the object (or rather administrator) and that may mean that AD will no longer maintain the connections (modify them) as it is no longer the owner.

I have just read this post

http://social.technet.microsoft.com/Forums/en-US/winserverDS/thread/87fb4907-4d1e-43ad-87ad-edfa53ea0072/

The poster TheItCrowd states "I wouldn't suggest deleting any connections, as long as they are all automatically generated connections AD should be allowed to maintain them" Which supports some inforamtion I read earlier today about ownerhsip...I will try to find the article/comments I read

I cannot verify any of this but it is possibly worth thinking about.
0
 
Mike ThomasConsultantCommented:
Scroll down a little inthis article to the sub heading Ownership of Connection Objects


http://technet.microsoft.com/en-us/library/cc961612.aspx


But like I said atm I am not entrily sure what any of this means in the real world, it would be great if anyone else could shed some light on it.

0
 
WilkipAuthor Commented:
Interesting...  I will have a read of those articles.

The replication link in question is a manually created one, but the same behaviour appears to be happening for automatically generated links as well.

Back soon
0
 
FemSteenkampCommented:
MojoTech is correct

manually created replication links use whatever is created at link level ( ignores the site schedule)

as soon as you edit an autocreated replication, it turns into a manual link and stope inheriting from the site level. note that teh name can remain as <AUTO GENERATED> but it still is an manual link as far as AD is considered because you edited it. It has to have this behaviour otherwise it does not know which settings the you edited in you want to keep , and which you want to inherit..

if you WANT it to all inherit, you can delete the manually created links and force KCC to run again to create them, but be carefull about this if not ll your sites are online and reachable at same time

0
 
WilkipAuthor Commented:
That's the answer then, that's why it's behaving the way it is.  I never knew that...

There's info in one of the links MojoTech gave that shows how to see ownership, I'll go and check to see which of my connection objects have been messed with so I know what behaviour to expect.

Points..  I was going to give most to MojoTech for identifying the issue and some to FernSteenkamp for confirming.  Is that OK with you both?
0
 
Mike ThomasConsultantCommented:
Yes, perfectly fine with me, we both got some answers and are both a little wiser. :)
0
 
WilkipAuthor Commented:
Answered my question perfectly and I learnt something new :o)

Thanks to all for your help!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 8
  • 5
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now