Presentation is loading. Please wait.

Presentation is loading. Please wait.

Module 7: Implementing Sites to Manage Active Directory Replication.

Published byCorey Chambers Modified over 8 years ago

Similar presentations

Presentation on theme: "Module 7: Implementing Sites to Manage Active Directory Replication."— Presentation transcript:

1 Module 7: Implementing Sites to Manage Active Directory Replication

2 Overview Introduction to Active Directory Replication Creating and Configuring Sites Managing Site Topology Troubleshooting Replication Failures Planning a Site

3 Lesson: Introduction to Active Directory Replication Multimedia: Replication Within Sites Replication of Linked Multivalued Attributes What Are Directory Partitions? What Is Replication Topology? Automatic Generation of Replication Topology Global Catalog and Replication of Partitions

4 Multimedia: Replication Within Sites

5 Replication of Linked Multivalued Attributes Forest functional level What happens? < Windows Server 2003 Change triggers replication of the entire membership list = Windows Server 2003 Replication occurs by individual value instead of the whole attribute Replication of linked multivalued attributes depends on the forest functional level

6 What Are Directory Partitions? Active Directory Database Configurable replication Domain Forest Schema Configuration Definitions and rules for creating and manipulating objects and attributes Information about the Active Directory structure Information about domain- specific objects Information about applications Contains:

7 What Is Replication Topology? Domain Controllers from the Same Domain A1A2 A3A4 Domain A Topology Schema and Configuration Topology Domain A Topology Domain B Topology Schema and Configuration Topology A1A2 A3A4 B1 B2 B3 Domain Controllers from Various Domains

8 Automatic Generation of Replication Topology A1 A2 A7 A6 A3 A5 A4 KCC A8 KCC Automatic Generation of Replication Topology

9 Global Catalog and Replication of Partitions Partial Directory Partition Replica Schema Configuration Global Catalog Server Holds read only copy of all domain directory partitions contoso.msft namerica.contoso.msft A1A2 A3A4 B1 B2 B3 Domain A Topology Schema/Config Topology Domain A Topology Domain B Topology Schema and Configuration Topology

10 Practice: Introduction to Active Directory Replication In this practice, you will examine the Active Directory replication configuration

11 Lesson: Creating and Configuring Sites What Are Sites and Subnet Objects? What Are Site Links? Replication Within Sites vs. Replication Between Sites How to Create and Configure Sites and Subnets How to Create and Configure Site Links Why Disable Default Bridging of All Site Links? How to Create a Site Link Bridge

12 What Are Sites and Subnet Objects? Active Directory Sites and Services Console Window Help Active View Tree Active Directory Sites and Services Sites Default-First-Site-Name Servers Inter-Site Transports Subnets Site Inter-Site Transport Container Site Subnets Container NameType Redmond-Site Default-First-Site-Name Inter-Site Transports Redmond-Site Subnets DENVER NTDS Settings Default-First-Site-Name Redmond-Site B1 A1 IP Subnet

13 What Are Site Links? Site IP Subnet A1A2 RPC or SMTP Site Link IP Subnet Site B3B1B2 Cost A site link: Enables replication traffic between sites Represents the physical connection between sites Enables replication traffic between sites Represents the physical connection between sites

14 Replication Within Sites vs. Replication Between Sites Replication Within Sites: Assumes fast and highly reliable network links Does not compress replication traffic Uses a change notification mechanism Replication Between Sites: Assumes limited available bandwidth and unreliable network links Compresses all replication traffic between sites Occurs on a manual schedule IP Subnet A1 A2 IP Subnet Replication IP Subnet A1 A2 IP Subnet Replication IP Subnet B1 B2 IP Subnet Replication

15 How to Create and Configure Sites and Subnets Your instructor will demonstrate how to: Create a site Create a subnet object Associate a site with a subnet object Move a domain controller to a different site Delegate control of a site Create a site Create a subnet object Associate a site with a subnet object Move a domain controller to a different site Delegate control of a site

16 How to Create and Configure Site Links Your instructor will demonstrate how to: Create a site link Configure site link properties Create a site link Configure site link properties

17 Why Disable Default Bridging of All Site Links? IP Subnet Site B IP Subnet Site A IP Subnet A1 A2 Site Link Bridge B2 Site Link BC Site Link AB B1 B3 C2 C1 Site C

18 How to Create a Site Link Bridge Your instructor will demonstrate how to: Disable default bridging of all site links Create a new site link bridge Disable default bridging of all site links Create a new site link bridge

19 Practice: Creating and Configuring Sites In this practice, you will:  Create IP subnet and site objects  Associate subnet objects with sites  Move server objects into the site  Create IP site links between sites  Configure the replication cost, schedule, and interval of the links

20 Lesson: Managing Site Topology What Is a Bridgehead Server? What Is the Intersite Topology Generator? How to Create a Preferred Bridgehead Server How to Refresh the Replication Topology How to Force Replication over a Connection

21 What Is a Bridgehead Server? A bridgehead server: Sends and receives replicated data Is designated for each partition in the site Sends and receives replicated data Is designated for each partition in the site IP Subnet A1 Bridgehead Server Replication IP Subnet B1 Bridgehead Server

22 What Is the Intersite Topology Generator? IP Subnet A1 A2 Bridgehead Server Replication B2 Bridgehead Server B1 Replication IP Subnet Replication IP Subnet Intersite Topology Generator Intersite topology generator defines the replication between sites on a network

23 How to Create a Preferred Bridgehead Server Your instructor will demonstrate how to create a preferred bridgehead server

24 How to Refresh the Replication Topology Your instructor will demonstrate how to: Determine what domain controller holds the intersite topology generator role in the site Force the KCC to run Determine what domain controller holds the intersite topology generator role in the site Force the KCC to run

25 How to Force Replication over a Connection Your instructor will demonstrate how to force replication over a connection

26 Practice: Manually Initiating Replication In this practice, you will:  View the current connection objects  Delete an automatically generated connection object  Refresh the replication topology  Verify that Active Directory recreated the connection object

27 Lesson: Troubleshooting Replication Failures Common Replication Problems What Is Replication Monitor? How to Configure Replication Monitor What Is the Repadmin Tool? What Is the Dcdiag Tool? How to Determine the Cause of a Problem How to Resolve Replication Problems

28 Common Replication Problems Symptom Possible causes Replication does not finish or occur Sites not connected by site links No bridgehead server in the site Replication is slow Inefficient site topology and schedule Client computers receive a slow response No domain controller online in client site Not enough domain controllers Replication greatly increases network traffic Insufficient bandwidth Incorrect site topology The KCC cannot complete the topology Exception in the KCC

29 What Is Replication Monitor? Replication Monitor Displays: Replication topology Replicating partner USN values Number of failed attempts Flags Displays: Replication topology Replicating partner USN values Number of failed attempts Flags Polls the server at an administrator- defined interval Monitors the count of failed replication attempts Triggers the KCC to recalculate the replication topology Synchronizes partitions between two domain controllers Shows which objects have not been replicated

30 How to Configure Replication Monitor Your instructor will demonstrate how to configure Replication Monitor

31 What Is the Repadmin Tool? Use the Repadmin command-line tool to: View and manually create the replication topology Force replication events between domain controllers View the replication metadata View and manually create the replication topology Force replication events between domain controllers View the replication metadata Syntax: repadmin command arguments [/u:[domain\]user pw:{password|*}]

32 What Is the Dcdiag Tool? Use the Dcdiag command-line tool to: Analyze the state of a domain controller and report any problems Perform a series of tests to verify different areas of the system Analyze the state of a domain controller and report any problems Perform a series of tests to verify different areas of the system Syntax: dcdiag command arguments [/v /f:LogFile /ferr:ErrLog ]

33 How to Determine the Cause of the Problem Possible causes Testing method Sites are not connected by site links Dcdiag /test:Topology No bridgehead server in the site Repadmin /bridgeheads Inefficient site topology and schedule Repadmin /latency No domain controller online in the site Dcdiag /test:Replication Dcdiag /test:Connectivity Not enough domain controllers System monitor NTDS counters Incorrect site topology Active Directory Sites and Services Repadmin /latency Dcdiag /test:Intersite Exception in the KCC Dcdiag /test:kccevent

34 How to Resolve Replication Problems Cause Resolution method Sites are not connected by site links Create and configure site links No bridgehead server in the site Add or remove domain controllers from the preferred bridgehead server list Inefficient site topology and schedule Modify the site topology and schedule No domain controller online in the site Install or fix domain controllers Not enough domain controllers Install additional domain controllers Incorrect site topology Modify the site topology Ensure site links match WAN links Exception in the KCC Enable KCC logging Run Repadmin /kcc

35 Practice: Troubleshooting Replication Failures In this practice, you will use the Repadmin and Dcdiag command-line tools to examine the status of replication and to test the functionality of your domain controller

36 Lesson: Planning a Site Overview of the Site Planning Process Guidelines for Determining Schedule, Interval, and Protocol of Site Links Guidelines for Determining the Need for Site Link Bridges Guidelines for Determining the Requirements for Bridgehead Servers Guidelines for Securing Active Directory Replication

37 Overview of the Site Planning Process Site topology design document Number and location of sites in the organization Site links to connect each site Availability requirements for sites Number of users Site security policies Number and location of sites in the organization Site links to connect each site Availability requirements for sites Number of users Site security policies Site topology planning document Site link schedule and duration Site link bridges Preferred bridgehead servers Subnet objects Domain controllers in sites Site link schedule and duration Site link bridges Preferred bridgehead servers Subnet objects Domain controllers in sites

38 Guidelines for Determining the Schedule, Interval, and Protocol of Site Links Determine site link schedules Determine the site link interval Determine the site link protocol

39 Guidelines for Determining the Need for Site Link Bridges Create site link bridges when: Your IP network is not fully routed The domain controllers do not connect to all other domain controllers in the forest There are many sites, and the forest functional level is not Windows Server 2003

40 Guidelines for Determining the Requirements for Bridgehead Servers Create multiple bridgehead servers for multiple directory partitions Use preferred bridgehead servers to exclude specific domain controllers from being bridgehead servers Create a list of preferred bridgehead servers based on which server you want the intersite topology generator to use

41 Guidelines for Securing Active Directory Replication Validate and authenticate a trust Use a specific port or protocol for each directory service Limit the range of RPC ports Establish an explicit trust between domains

42 Practice: Planning a Site In this practice, you will:  Determine the site link schedule and duration for the new site link  Determine the configuration for a site link bridge and a preferred bridgehead server

43 Lab A: Implementing Sites to Manage Active Directory Replication Creating a Replica Domain Controller Creating and Configuring a Site for Your Domain Troubleshooting Replication Between Sites

Download ppt "Module 7: Implementing Sites to Manage Active Directory Replication."

Similar presentations

Implementing and Administering AD DS Sites and Replication

Implementing and Administering AD DS Sites and Replication
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 6 Managing and Administering DNS in Windows Server 2008.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Module 10: Troubleshooting Active Directory, DNS, and Replication Issues.

Module 10: Troubleshooting Active Directory, DNS, and Replication Issues.
Module 10: Troubleshooting AD DS, DNS, and Replication Issues.

Module 10: Troubleshooting AD DS, DNS, and Replication Issues.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Introduction to Active Directory

Introduction to Active Directory
13.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

13.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Administering Active Directory

Administering Active Directory
Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.

Hands-On Microsoft Windows Server 2003 Administration Chapter 1 Windows Server 2003 Network Administration.
Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.

Hands-On Microsoft Windows Server 2003 Administration Chapter 3 Administering Active Directory.
Introduction to Dfs. Limits of Dfs 260 characters per file path 32 alternatives per volume 1 Dfs root per server Unlimited Dfs roots per domain Volumes.

Introduction to Dfs. Limits of Dfs 260 characters per file path 32 alternatives per volume 1 Dfs root per server Unlimited Dfs roots per domain Volumes.
3.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

3.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Understanding Active Directory

Understanding Active Directory
Module 1: Introduction to Active Directory

Module 1: Introduction to Active Directory
1 Chapter Overview Creating Sites and Subnets Configuring Intersite Replication Troubleshooting Active Directory Replication.

1 Chapter Overview Creating Sites and Subnets Configuring Intersite Replication Troubleshooting Active Directory Replication.
MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 10: Configuring and Maintaining the Active Directory Infrastructure.

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory Chapter 10: Configuring and Maintaining the Active Directory Infrastructure.
ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS

ADVANCED MICROSOFT ACTIVE DIRECTORY CONCEPTS
Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.

Course 6421A Module 7: Installing, Configuring, and Troubleshooting the Network Policy Server Role Service Presentation: 60 minutes Lab: 60 minutes Module.
Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.

Network and Active Directory Performance Monitoring and Troubleshooting NETW4008 Lecture 8.

Similar presentations

Ads by Google