Active Directory (AD) Replication Terminology


These terms are used in Chapter 5, "Active Directory Logical Design," in connection with AD replication and the File Replication Service (FRS).

  • Bridgehead Server (BHS) : This role is held by one DC per domain, per site, that replicates with other DCs in the same domain in different sites. In Windows 2000, only BHSs replicate to each other across sites. However, in Windows 2003, all domain controllers (DCs) replicate with each other in all sites to reduce the single point of failure and the replication overload that can occur when a site has many other sites connected to it. The DC that holds this role is determined by the Knowledge Consistency Checker (KCC) based on the Global Unique Identifier (GUID) of the server. If the BHS becomes unavailable, the KCC selects another DC in that domain to replace it.

  • connection objects : These objects provide a replication "path" between domain controllers (DCs) for intrasite and intersite replication. They are unidirectional and always inbound. Although connection objects have their own replication schedule, they are also subject to the schedule imposed by the site link. Imagine the site link as a pipe and connection objects as threads through that pipe. The pipe controls the schedule, frequency, and cost.

  • Intersite Topology Generator (ISTG) : This role is held by one domain controller (DC) in each site (regardless of domain affiliation) and is responsible for generating intersite topology and maintaining inbound connection objects between DCs. It is elected by the Knowledge Consistency Checker (KCC), which also transfers the role to another DC in the site if the current ISTG becomes unavailable. It may or may not be on a Bridgehead Server (BHS). Obviously, if there is only one DC in the site, the ISTG role will not be transferred if that DC becomes unavailable.

  • Knowledge Consistency Checker (KCC) : The KCC is responsible for taking the replication properties created by the Administrator and building the replication topology in an efficient manner. The KCC elects Bridgehead Servers (BHSs) and the Intersite Topology Generator (ISTG) to generate the forest intersite topology. The KCC does this every 15 minutes by default and creates connection objects between DCs (for intrasite replication) and between BHSs (for intersite replication). If a DC becomes unavailable, the KCC routes around it to maintain replication among the other DCs.

  • least-cost path : Intersite replication honors the least-cost path rule. In Figure C.1, there is a link between LA and NY with a cost of 200, and links NY–Chicago, Chicago–Atlanta, and Atlanta–LA, all with costs of 300. Replication will preferentially go directly from NY to LA because that path has a cost of 200, versus going the other way through Chicago and Atlanta at a cost of 900. If the network link between NY and LA is unavailable, then replication takes the alternate path.

    Figure C.1. Replication uses the least-cost path method, determined by site link cost.


    note

    Designing an efficient cost structure is absolutely essential to problem-free replication. This point was explained further in the "Topology Design" section in Chapter 5.


  • Preferred Bridgehead Server : A BHS that is selected manually. After you designate one, the Knowledge Consistency Checker (KCC) will not choose another in the case of failure. One reason for doing this is to force replication to a more powerful machine. However, to reduce the single point of failure issue, you must identify at least two Preferred BHSs, in which case the KCC will elect one of those two, which might not be the one you want. Windows 2003 alleviates this problem by eliminating the function of the BHS.

  • site : Technically, a collection of one or more subnets. Practically, physical locations defining network boundaries of a company's infrastructure, which could be a country, a state, a city, a building, or even floors in a building.

  • site affinity : An important concept whereby domain controllers determine the site that a client is in based on the client's IP address, which is mapped to the site by the administrator. That affinity is used to determine 1) if there is a DC or GC in the same site as the client, or 2) the closest domain controller (DC) or Global Catalog (GC) to service Domain Name Server (DNS) requests for a GC server, an LDAP or Kerberos server, a Primary Domain Controller (PDC), or other roles identified by DNS SRV records.

    note

    If the subnets are not mapped properly to sites, this could result in clients being authenticated to DCs that are across a Wide Area Network (WAN) link when there is a domain controller (DC) locally to service it. By default, no subnets are mapped, and all DCs are in a single site and single site link. When there is nothing to distinguish the Site Affinity, the first DC to respond is provided to service the client. I have seen many cases where this has caused considerable authentication failure. Interestingly enough, you'd think that the local DC would be the first to respond, but often a remote DC responds first.


  • site link : An object that connects two or more sites and defines replication attributes, such as replication frequency, replication schedule, and site link cost. Site link cost is used to configure the replication path (see least-cost path).

  • site link bridge : A collection of site links that allows the Knowledge Consistency Checker (KCC) to build transitivity between them. For instance, suppose you have four sites, NY, Chicago, LA, and Atlanta, each with a domain controller (DC) as shown in Figure C.2. Site links are created as shown in the figure. Without site link bridging, DCs in sites NY and Atlanta can only replicate by going to Chicago. If the DC in Chicago is unavailable, then the DCs in Atlanta and NY cannot replicate with each other. In fact, NY can't replicate with anyone else. Enabling site link bridging permits the KCC to build a connection object from the Atlanta DC to the NY DC, allowing replication between these DCs even if the Chicago DC is not available. In other words, if NY can replicate to Chicago and Chicago can replicate to Atlanta, then NY is allowed to replicate directly to Atlanta. The cost assigned to this new link is equal to the sum of the costs of the links it is replacing. In the example in Figure C.2, the cost of the KCC-generated link will be 600. Note that the link created by the site link bridge (SLB) is only generated as needed, and is eliminated when normal site links work.

    Figure C.2. Functional diagram of the site link bridge.
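
The least-cost path and site link bridge entries above can be checked with a small model. This is an added example, not code from the book: it runs a shortest-path search over the Figure C.1 costs quoted in the text, shows the failover when the NY–LA link is down, and sums link costs for a bridged path. It assumes the Figure C.2 links cost 300 each, which the text implies but does not state.

```python
import heapq

# Site link costs as described for Figure C.1 in the text.
SITE_LINKS = {
    ("NY", "LA"): 200,
    ("NY", "Chicago"): 300,
    ("Chicago", "Atlanta"): 300,
    ("Atlanta", "LA"): 300,
}


def build_graph(links, down=()):
    """Undirected adjacency map, skipping links listed as unavailable."""
    down = {frozenset(pair) for pair in down}
    graph = {}
    for (a, b), cost in links.items():
        if frozenset((a, b)) in down:
            continue
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost
    return graph


def least_cost_path(links, src, dst, down=()):
    """Dijkstra over site links; returns (total_cost, [sites]) or None."""
    graph = build_graph(links, down)
    queue = [(0, src, [src])]
    settled = set()
    while queue:
        cost, site, path = heapq.heappop(queue)
        if site == dst:
            return cost, path
        if site in settled:
            continue
        settled.add(site)
        for nxt, link_cost in graph.get(site, {}).items():
            if nxt not in settled:
                heapq.heappush(queue, (cost + link_cost, nxt, path + [nxt]))
    return None  # no surviving path between the two sites


def bridged_cost(links, path):
    """Cost of a bridged (transitive) link: the sum of the links it spans.

    Assumption: each hop in `path` is an existing site link (KeyError if not).
    """
    graph = build_graph(links)
    return sum(graph[a][b] for a, b in zip(path, path[1:]))
```

Running the same search with candidate cost values before changing site links shows which path replication would prefer and what the fallback costs when a link is lost.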
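
The site affinity entry and its note describe clients being resolved to a site through subnet mappings, and falling back to whichever DC answers first when no mapping exists. The following added example (not from the book) models that lookup so unmapped clients can be found before they authenticate across the WAN. The subnets, client names, and the rule that the most specific matching subnet wins are assumptions of this sketch.

```python
import ipaddress

# Constructed subnet-to-site mapping (sample data, not from the page).
SUBNET_SITES = {
    "10.1.0.0/16": "NY",
    "10.1.40.0/24": "Chicago",
    "10.2.0.0/16": "LA",
}


def site_for_client(ip, subnet_sites=SUBNET_SITES):
    """Return the site of the most specific subnet containing ip, else None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for cidr, site in subnet_sites.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, site)
    return best[1] if best else None


def audit_clients(clients, dc_sites, subnet_sites=SUBNET_SITES):
    """Classify each client by where its authentication is likely to land.

    'local'    : mapped to a site that has a DC
    'remote'   : mapped to a site without a DC, so the closest DC is used
    'unmapped' : no subnet matches; the first DC to respond services it
    """
    report = {}
    for name, ip in clients.items():
        site = site_for_client(ip, subnet_sites)
        if site is None:
            report[name] = ("unmapped", None)
        elif site in dc_sites:
            report[name] = ("local", site)
        else:
            report[name] = ("remote", site)
    return report
```

Clients reported as `unmapped` are the ones the note warns about: add or correct their subnet objects so they are matched to a site.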




Windows Server 2003 on Proliants. Deployment Techniques and Management Tools for System Administrators
ISBN: B004C77T6A
EAN: N/A
Year: 2004
Pages: 214
