Another new feature available in Windows Server 2003 is the concept of application partitions. This feature provides the ability to store data in Active Directory, taking advantage of Active Directory replication, without replicating that data to every domain controller in the forest. Active Directory allows the creation of a new type of naming context (NC), or partition, called an application partition. This NC can contain a hierarchy of any type of objects except security principals (users, groups, and computers), and can be configured to replicate to any set of domain controllers in the forest, not necessarily all in the same domain. This means that dynamic data from network services such as Remote Access Service (RAS), RADIUS, and Dynamic Host Configuration Protocol (DHCP) can reside in a directory so that applications can access them uniformly with one access methodology. Developers will be able to use this feature to write application data to dedicated application directory partitions rather than to a domain partition.

Most importantly, Windows Server 2003 uses application partitions to hold Active Directory-integrated DNS zones. For every domain in a forest, a separate application partition is created and is used to store all records that exist in each AD-integrated zone. Because the application partition is not included as part of the global catalog, DNS entries are no longer included as part of global catalog replication.

Creating Application Partitions

Application partitions can be created using either the ADSIedit GUI or the NTDSUtil command-line interface. To create an application directory partition named "test" on a domain controller named DC1 in the companyabc.com domain, perform the following steps:
Creating a Replica

After an application partition has been established, it is possible to add replicas of that partition to other domain controllers. Adding a replica initiates the replication process so that the application partition is available, for redundancy or data access, on any domain controller that is configured with a replica. To add a replica, use the same NTDSUtil procedure used to create the application partition in the previous example. This time, add the replica to a domain controller named DC2 with the following command:

    add nc replica dc=test,dc=companyabc,dc=com DC2

Managing Replication

When changes are made in a particular application partition on a particular domain controller, those changes are replicated to other domain controllers containing a replica of that partition. The domain controller on which the change is made notifies its replication partners, and the replication is initiated. Windows Server 2003 enables you to control this replication process by setting the amount of time a domain controller will wait to send out the change notification to its first and subsequent replication partners. Continuing with the previous examples, to configure DC1 to wait 10 minutes before notifying DC2 of a change to the test application partition, use the NTDSUtil command-line interface, and type the following command at the domain management prompt:

    set nc replicate notification delay dc=test,dc=companyabc,dc=com 600
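
To confirm what the commands above changed, the following read-only PowerShell sketch (an added example, not part of the original text) lists every application partition in the forest, the domain controllers holding a replica, and the configured notification delays. It assumes a management host with the ActiveDirectory module and a domain controller reachable through Active Directory Web Services; neither is mentioned in the original text.

```powershell
# Added example: inventory of application partitions, their replica DCs and
# change-notification delays. Read-only; nothing here modifies the directory.
# Assumption: the ActiveDirectory module (RSAT) is installed on this host.
Import-Module ActiveDirectory

# crossRef objects for all partitions live under CN=Partitions in the
# configuration naming context.
$partitionsDn = 'CN=Partitions,' + (Get-ADRootDSE).configurationNamingContext

# Application partitions carry FLAG_CR_NTDS_NC (0x1) and
# FLAG_CR_NTDS_NOT_GC_REPLICATED (0x4) in systemFlags. The OID below is the
# LDAP bitwise-AND matching rule, so ":=5" means "both bits set".
$filter = '(&(objectClass=crossRef)(systemFlags:1.2.840.113556.1.4.803:=5))'

$props = 'nCName',
         'msDS-NC-Replica-Locations',
         'msDS-Replication-Notify-First-DSA-Delay',
         'msDS-Replication-Notify-Subsequent-DSA-Delay'

Get-ADObject -SearchBase $partitionsDn -LDAPFilter $filter -Properties $props |
    ForEach-Object {
        # Replica locations are DNs of NTDS Settings objects; reduce each one
        # to the server name (for example DC1) for readability.
        $replicas = @($_.'msDS-NC-Replica-Locations') |
            Where-Object { $_ } |
            ForEach-Object {
                if ($_ -match '^CN=NTDS Settings,CN=([^,]+),') { $Matches[1] } else { $_ }
            }

        $first      = $_.'msDS-Replication-Notify-First-DSA-Delay'
        $subsequent = $_.'msDS-Replication-Notify-Subsequent-DSA-Delay'

        [pscustomobject]@{
            Partition          = $_.nCName
            ReplicaDCs         = ($replicas | Sort-Object) -join ', '
            # An unset attribute means the forest default delay applies.
            FirstDelaySec      = if ($null -ne $first)      { $first }      else { '(default)' }
            SubsequentDelaySec = if ($null -ne $subsequent) { $subsequent } else { '(default)' }
        }
    } |
    Format-Table -AutoSize
```

A replica on a domain controller you did not expect, or a partition you cannot account for, is worth reviewing, because application partition data replicates to every listed server.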