70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory, Enhanced
Chapter 7: Active Directory Replication
Objectives
- Describe how Active Directory identifies data that needs to be replicated
- Describe how the Active Directory replication topology is generated
- Describe and control when Active Directory replication occurs
- Monitor and troubleshoot Active Directory replication
- Describe SYSVOL and how its replication differs from Active Directory replication
Identifying Data to Replicate
- Active Directory uses a multi-master model
  - Changes can be made on any DC and are replicated to every other DC that holds the same partition
- Replication is performed at the attribute level, not the object level
- Replication involves two types of updates:
  - Originating update: a change made directly on the local domain controller (for example by an LDAP write)
  - Replicated update: a change applied as the result of replication from a partner
- Update Sequence Numbers (USNs) are used to track changes
  - Each DC keeps its own USN counter, incremented by one for every change written to that DC's database
  - The updated object and its changed attribute(s) are stamped with the USN
  - USNs are local to a DC: comparing USNs from different domain controllers is meaningless
- Replication latency: two domain controllers in the same domain can show different information until a change has reached both
- Convergence: all DCs hold the same data and replication is complete, for the moment
Identifying Domain Controllers
Identifiers for a domain controller:
- The domain controller's computer account
- Records registered in DNS
- The NTDS Settings object beneath the server object in the Configuration partition
- Server GUID: the objectGUID of the NTDS Settings object, also published as a CNAME record under _msdcs in DNS
- Database GUID (invocationID): identifies this DC's copy of the database; it changes when the database is restored from backup, so partners do not confuse pre-restore and post-restore USNs
Update Sequence Number
- 64-bit number used to identify changes to data
- Each object has two USN attributes:
  - usnCreated: set when the object is created
  - usnChanged: set every time the object is updated
- Each attribute value of an object carries two USNs:
  - The local USN, assigned by this domain controller when it wrote the value
  - The originating USN, assigned by the domain controller that performed the originating write
Diagram slides: Creation of New User Account; Replication of New User Account; Updating Attribute of User Account; Replicating Change of User Account's Attribute
High-watermark Value
- Used to identify which objects may need to be replicated from a given partner
- Table on each domain controller, with one entry per replication partner per naming context
  - Stores the highest USN the destination has received from that partner
- The destination sends its high-watermark for the source with each replication request; the source sends only objects whose usnChanged is above it
  - Updates are sent starting with the object that has the lowest such usnChanged value
Up-to-dateness Vector
- Helps the source domain controller filter out attribute values that the destination already holds
- Table on each domain controller, with one entry per domain controller that has ever made an originating write to the naming context
  - Stores the highest originating USN received from that domain controller, by any replication path
  - Covers all possible sources of original updates to a single destination
- The destination sends its up-to-dateness vector with each replication request; the source skips values whose originating DSA and originating USN the vector already covers
Diagram slide: Determining Which Attributes Need to be Replicated
Propagation Dampening
- The up-to-dateness vector is what provides propagation dampening
- A change that has already reached a domain controller through one partner is not sent again by another partner that also holds it
- Without dampening, every update would cross the network once per replication path in the topology
Conflict Resolution
- Problems occur when changes are made to the same object at the same time on different domain controllers (before either change has replicated)
- Replicating at the attribute level minimizes replication conflicts: two DCs changing different attributes of the same object do not conflict at all
- Attribute conflicts are resolved by comparing the replication stamps of the two values, in order:
  - Version number (higher wins)
  - Timestamp of the originating write (later wins)
  - Originating DSA GUID (higher wins); only a tie-breaker, but it makes the outcome deterministic on every DC
- Move under a deleted parent
  - Object is automatically moved to the LostAndFound container of its naming context
- New object name conflict
  - Two objects are created with the same relative distinguished name under the same parent
  - One object is renamed to a system-wide unique value: its original name followed by CNF: and the object's GUID
  - The object with the higher version number keeps its name
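The mechanics on the slides above (local USNs, the high-watermark table, the up-to-dateness vector with propagation dampening, and version/timestamp/GUID conflict resolution) are easier to follow in a small simulation. The Python below is an added illustration, not code from the textbook or from Windows; the DC names, the DN cn=jdoe,... and the timestamps are constructed, and the stamp comparison follows the rule stated on the conflict-resolution slide.

```python
# Toy model of how Active Directory decides what to send and which value wins:
# per-DC USNs, the high-watermark table, the up-to-dateness vector (propagation
# dampening) and attribute-level conflict resolution.  Added illustration; not
# code from the textbook.  DC names, DN and timestamps are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Stamp:
    """Replication metadata AD stores with every attribute value."""
    version: int          # bumped on every originating write
    timestamp: int        # originating time (AD uses 1-second granularity)
    originating_dsa: str  # DSA GUID of the DC that made the originating write
    originating_usn: int  # that DC's USN when it made the write

    def beats(self, other):
        """Conflict rule: higher version, then later timestamp, then higher DSA GUID."""
        return ((self.version, self.timestamp, self.originating_dsa)
                > (other.version, other.timestamp, other.originating_dsa))


class DomainController:
    def __init__(self, name):
        self.name = name
        self.usn = 0                 # local counter; meaningless on any other DC
        self.attrs = {}              # (dn, attr) -> (value, Stamp, local_usn)
        self.high_watermark = {}     # source DC -> highest source USN already pulled
        self.utd_vector = {name: 0}  # originating DSA -> highest originating USN held

    def _next_usn(self):
        self.usn += 1
        return self.usn

    def write(self, dn, attr, value, timestamp):
        """Originating update: new version, stamped with this DC's own USN."""
        usn = self._next_usn()
        old = self.attrs.get((dn, attr))
        version = old[1].version + 1 if old else 1
        self.attrs[(dn, attr)] = (value, Stamp(version, timestamp, self.name, usn), usn)
        self.utd_vector[self.name] = usn

    def get(self, dn, attr):
        return self.attrs[(dn, attr)][0]

    def changes_for(self, partner_hwm, partner_utdv):
        """Source side: everything above the partner's high-watermark, minus the
        writes its up-to-dateness vector proves it already holds (dampening)."""
        pending = [(k, v) for k, v in self.attrs.items() if v[2] > partner_hwm]
        pending.sort(key=lambda kv: kv[1][2])       # lowest usnChanged first
        sent, dampened = [], 0
        for (dn, attr), (value, stamp, _local) in pending:
            if partner_utdv.get(stamp.originating_dsa, 0) >= stamp.originating_usn:
                dampened += 1                       # partner already has this write
            else:
                sent.append((dn, attr, value, stamp))
        return sent, dampened


def replicate(source, dest):
    """One pull cycle: dest presents its high-watermark for source and its UTD
    vector; source filters; dest resolves conflicts and raises both tables."""
    sent, dampened = source.changes_for(dest.high_watermark.get(source.name, 0),
                                        dest.utd_vector)
    applied = discarded = 0
    for dn, attr, value, stamp in sent:
        current = dest.attrs.get((dn, attr))
        if current is None or stamp.beats(current[1]):
            # replicated update: same stamp, but a fresh *local* USN on dest
            dest.attrs[(dn, attr)] = (value, stamp, dest._next_usn())
            applied += 1
        else:
            discarded += 1          # dest's own value carries the winning stamp
    dest.high_watermark[source.name] = source.usn
    for dsa, usn in source.utd_vector.items():
        dest.utd_vector[dsa] = max(dest.utd_vector.get(dsa, 0), usn)
    return {"dampened": dampened, "applied": applied, "discarded": discarded}


def demo():
    a, b, c = (DomainController(n) for n in ("DC-A", "DC-B", "DC-C"))
    dn = "cn=jdoe,ou=users,dc=example,dc=com"      # constructed
    a.write(dn, "description", "initial", timestamp=100)
    replicate(a, b)                 # B pulls the new value from A
    replicate(a, c)                 # C pulls it from A as well
    at_c = replicate(b, c)          # B offers the same write; C's UTD vector damps it
    # concurrent edits on A and B: both reach version 2, so the timestamp decides
    a.write(dn, "description", "set-on-A", timestamp=200)
    b.write(dn, "description", "set-on-B", timestamp=205)
    at_b = replicate(a, b)          # A's v2@200 loses to B's v2@205
    at_a = replicate(b, a)          # B's v2@205 replaces A's value
    replicate(a, c)                 # C receives B's write via A
    return {
        "dampened_at_c": at_c["dampened"], "applied_at_c": at_c["applied"],
        "discarded_at_b": at_b["discarded"], "applied_at_a": at_a["applied"],
        "converged": a.get(dn, "description") == b.get(dn, "description")
                     == c.get(dn, "description"),
        "winner": a.get(dn, "description"),
        "local_usn_per_dc": {d.name: d.attrs[(dn, "description")][2] for d in (a, b, c)},
    }


if __name__ == "__main__":
    print(demo())
```

Running it shows the third pull (B to C) transmitting nothing because C's vector already covers DC-A's USN 1, and all three DCs ending on set-on-B even though A applied its own write first: at equal version the later timestamp wins. It also shows the same winning value carrying local USNs 3, 2 and 2 on the three DCs, which is why comparing USNs across DCs tells you nothing.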
Determining Replication Topology
- Replication topology: the combination of paths used to replicate changes between domain controllers
- Every naming context (directory partition) has its own replication topology
- Connection object
  - Identifies a replication partner
  - Unidirectional: describes inbound replication from one source DC to the DC on which the object is stored
  - Does not specify an individual naming context; every partition both DCs hold replicates over the same connection
- Intra-site replication: the process of updating domain controllers within the same site
- Inter-site replication: the process of updating domain controllers in different sites
Connection Objects
- Logical construct representing an inbound replication connection between two domain controllers (one source, one destination)
- Created in one of two ways
  - Automatically by the Knowledge Consistency Checker (KCC), or for inter-site connections by the Inter-Site Topology Generator (ISTG)
  - Manually by an Active Directory administrator
- The KCC does not optimize or remove connection objects that were created manually
  - The administrator is wholly responsible for maintaining manual connections if the source becomes misconfigured or unavailable
Activity 7-1: Manually Creating Connections
- Objective: familiarize yourself with the process of manually creating replication connection objects
- Manually create a connection using Active Directory Sites and Services
Intra-site Replication
- The KCC is responsible for the replication topology within a site
- Checks the replication topology every 15 minutes
- Attempts to create a replication topology made up of a bidirectional ring
- Adds additional connection objects to ensure that no more than three hops are required between any two domain controllers in the site
Diagram slide: Example Bidirectional Ring Replication Topology with Additional Connectors
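To see what the three-hop rule costs in connection objects, here is an added example (not the KCC's real algorithm, and not code from the textbook) that builds the bidirectional ring and then adds connections between the most distant pair until every DC is within three hops of every other. DC names are constructed; the greedy choice of which pair to connect is my own simplification.

```python
# Illustration of the KCC's intra-site goal: start from a bidirectional ring and
# add connection objects until no two DCs are more than three replication hops
# apart.  Added example; the greedy shortcut choice is mine, not the KCC's.
from collections import deque


def ring(dcs):
    """Bidirectional ring: each DC gets an inbound connection from both neighbours."""
    edges = set()                       # (source, destination) = one connection object
    if len(dcs) < 2:
        return edges
    for i, dc in enumerate(dcs):
        nxt = dcs[(i + 1) % len(dcs)]
        edges.add((dc, nxt))
        edges.add((nxt, dc))
    return edges


def hop_counts(edges, dcs):
    """Shortest replication path (in hops) between every pair, by BFS."""
    adj = {d: set() for d in dcs}
    for src, dst in edges:
        adj[src].add(dst)
    dist = {}
    for start in dcs:
        seen, queue = {start: 0}, deque([start])
        while queue:
            u = queue.popleft()
            for v in adj[u]:
                if v not in seen:
                    seen[v] = seen[u] + 1
                    queue.append(v)
        dist[start] = seen
    return dist


def build_topology(dcs, max_hops=3):
    """Return (connection objects, worst-case hops) after adding shortcuts."""
    if not dcs:
        return set(), 0
    edges = ring(dcs)
    while True:
        dist = hop_counts(edges, dcs)
        worst = max((dist[a][b], a, b) for a in dcs for b in dcs)
        if worst[0] <= max_hops:
            return edges, worst[0]
        _, a, b = worst
        edges.add((a, b))               # extra connection objects between the
        edges.add((b, a))               # most distant pair, in both directions


def summary(n):
    """Connection-object count and hop bound for a site of n DCs (constructed names)."""
    dcs = [f"DC{i}" for i in range(n)]
    edges, worst = build_topology(dcs)
    return {"connection_objects": len(edges),
            "extra_over_ring": len(edges) - len(ring(dcs)),
            "max_hops": worst}


if __name__ == "__main__":
    for n in (3, 7, 8):
        print(n, summary(n))
```

Seven DCs in a ring are already within three hops of each other (14 connection objects, none extra); with eight, the ring alone needs four hops between opposite DCs, and two extra bidirectional connections (four connection objects) bring it back under the limit. The KCC's own choice of which pairs to connect differs, but the bound it optimizes toward is the same.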
Global Catalog Replication
- The global catalog holds a partial, read-only replica of the domain naming context of every domain in the forest
- The topology generated for replicating each domain's writable replicas is reused
- Connection objects are added to connect the read-only replicas to that topology
Inter-site Replication
- One domain controller in each site is designated as the Inter-Site Topology Generator (ISTG)
  - By default, the first domain controller installed in the site
- Responsible for creating connection objects to domain controllers located in other sites
- Attempts to create the minimum number of connections
- Also responsible (by default) for choosing the bridgehead server(s) for the site
Bridgehead Server
- Used to designate a particular domain controller for inter-site replication
- Has a historical (Windows NT) origin
- Functions as the single point of contact in its site for a given naming context
- All inter-site replication traffic flows between the bridgehead servers of each site; each bridgehead then passes the changes to the other DCs in its site over the intra-site topology
Controlling Replication Frequency
- Main factors that control replication frequency
  - Location of the replication partners (same site or different sites)
  - Type of data being replicated
Intra-site Replication Schedule
- Based on a notify-pull process
  - Begins when an object is modified at a domain controller
  - The source waits 15 seconds, notifies its first partner, then notifies each further partner at 3-second intervals (Windows Server 2003 defaults)
  - Each replication partner pulls the updates from the source domain controller
- Maximum time for an update to propagate across a three-hop site is therefore approximately 45 seconds
- Traffic is not compressed by default
Inter-site Replication Schedule
- Time-based: changes are replicated at set intervals
  - Default: every 180 minutes (3 hours); the minimum interval is 15 minutes
- Data is compressed by default
- Both the replication schedule (the hours during which the site link is available) and the replication interval can be set on the site link
Diagram slide: Example Site Link Replication Schedule and Interval
Urgent Replication
- Occurs immediately within a site, without the normal notification delay
- Between sites: still observes the normal site link schedule and interval
- Trigger events:
  - Account lockout
  - Changes to the account lockout policy or the domain password policy
  - Local Security Authority (LSA) secret change
  - RID master role assigned to a new server
Password Replication
- Important for passwords to be synchronized between domain controllers
- Password changes are replicated differently than either urgent or non-urgent replication
- PDC emulator: one domain controller per domain holds this role
- A password change is replicated immediately to the PDC emulator, regardless of site boundaries
- On a failed logon caused by a bad password
  - The authenticating domain controller forwards the authentication request to the PDC emulator before rejecting it
  - The PDC emulator attempts to authenticate the user with the most recent password it holds
Monitoring and Troubleshooting Replication
- Symptoms of replication failure include
  - Logon failures
  - Other inconsistencies in Active Directory (objects or attribute values that differ between DCs)
- Most problems with Active Directory replication are caused by
  - Administrator error
  - Network infrastructure glitches
- Active Directory Replication Monitor (replmon.exe, from the Windows Support Tools)
  - Monitors replication traffic between domain controllers
  - Displays a list of domain controllers in a domain
  - Verifies the replication topology
  - Manually forces replication
  - Checks a domain controller's current USN and unreplicated objects
  - Displays bridgehead servers and trusts
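Replication Monitor is interactive; for a scheduled check you want the same inbound-neighbor data in a form a script can parse. The Python below is an added example, not from the textbook, that reads the CSV form of `repadmin /showrepl /csv` (the column layout used here is my assumption about that output) and flags partners with consecutive failures, no successful replication at all, or a last success older than a threshold. The rows and the "current time" are constructed; status 1722 in the sample is the Win32 code for "RPC server unavailable", the classic symptom of a network or name-resolution problem between partners.

```python
# Parse the CSV output of `repadmin /showrepl /csv` and flag unhealthy inbound
# partners.  Added example; the header row is the layout I assume repadmin emits,
# the data rows and the "current time" are constructed.
import csv
import io
from datetime import datetime, timedelta

SAMPLE_CSV = """\
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,HQ,DC1,"DC=corp,DC=example,DC=com",HQ,DC2,RPC,0,0,2024-05-01 08:41:02,0
showrepl_INFO,HQ,DC1,"DC=corp,DC=example,DC=com",Branch,DC3,RPC,5,2024-05-01 07:55:40,2024-04-30 21:10:05,1722
showrepl_INFO,HQ,DC1,"CN=Configuration,DC=corp,DC=example,DC=com",Branch,DC3,RPC,0,0,2024-04-29 03:00:00,0
showrepl_INFO,HQ,DC1,"CN=Schema,CN=Configuration,DC=corp,DC=example,DC=com",HQ,DC2,RPC,0,0,2024-05-01 06:05:11,0
"""

TIME_FMT = "%Y-%m-%d %H:%M:%S"


def parse_time(text):
    """A 0 (or blank) in the time columns means 'never'; return None for it."""
    try:
        return datetime.strptime(text.strip(), TIME_FMT)
    except ValueError:
        return None


def unhealthy_partners(csv_text, now, max_age):
    """One finding per (source DSA, naming context) that needs attention."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        failures = int(row["Number of Failures"] or 0)
        last_ok = parse_time(row["Last Success Time"])
        reasons = []
        if failures:
            reasons.append(f"{failures} consecutive failure(s), "
                           f"status {row['Last Failure Status']}")
        if last_ok is None:
            reasons.append("never replicated successfully")
        elif now - last_ok > max_age:
            reasons.append(f"last success {now - last_ok} ago")
        if reasons:
            findings.append({"source": row["Source DSA"],
                             "site": row["Source DSA Site"],
                             "naming_context": row["Naming Context"],
                             "reasons": reasons})
    return findings


def check_sample(max_age_hours=24):
    """Run the check over the constructed sample at a constructed 'now'."""
    now = datetime(2024, 5, 1, 9, 0, 0)
    return unhealthy_partners(SAMPLE_CSV, now, timedelta(hours=max_age_hours))


if __name__ == "__main__":
    for f in check_sample():
        print(f["site"], f["source"], f["naming_context"], "; ".join(f["reasons"]))
```

With a 24-hour threshold the sample yields two findings, both for the Branch partner DC3: the domain partition has five consecutive failures with status 1722, and the Configuration partition has not replicated in over two days. Pick the threshold from the inter-site schedule actually configured (the default 3-hour interval means anything older than a day is certainly wrong), and treat a rising failure count as more urgent than a merely old success.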
SYSVOL
- Folder called SYSVOL, created during the promotion of a domain controller
- Used to share files containing scripts, Group Policy templates, etc.
- Stored in %SYSTEMROOT%\SYSVOL\ by default
- The File Replication Service (FRS) is used to replicate changes in SYSVOL
SYSVOL Replication
- SYSVOL replication is independent of Active Directory object replication
- Uses the File Replication Service (FRS)
- FRS builds its replication topology to match the domain controller's connection objects
- Inter-site replication frequency is controlled by the schedule on the replication partner's connection object
Troubleshooting SYSVOL Replication
- Check the File Replication Service event log
- Confirm that the domain controllers can resolve the fully qualified domain names (FQDNs) of their replication partners
- Confirm that the File Replication Service is started
- Check for sufficient disk space
- Check that the file(s) are not being filtered out by FRS
Summary
- Active Directory uses a multi-master model for replication
- Active Directory tracks changes with update sequence numbers, which are maintained independently by each domain controller
- The replication topology for intra-site replication is created by the KCC
- Replicating attribute-level changes minimizes replication conflicts
- Use Active Directory Replication Monitor to view both intra-site and inter-site replication information
- SYSVOL is a share available on every domain controller in a domain, used to store files such as logon scripts