Active Directory revisited

Last week we began our discussion of Active Directory (AD) sites and replication. This week we are going to dive down into some of the details of the replication process.

Since AD is based on the theory of multi-master replication, meaning that every domain controller (DC) in a domain contains a fully readable and writeable copy of the directory partitions, AD needs a way to manage replication to ensure that any updates made on any of the DCs are replicated to all other DCs in the domain. Additionally, the integrity of the directory needs to be maintained, meaning that only the updates that are intended to be kept are in fact kept. For example, if the phone number attribute on a user account in AD is updated in two different places, at approximately the same time, by two different administrators in different locations within the company, AD must make sure that only the latest update is applied and replicated out to the other DCs.

In order for this change to propagate properly, a DC needs to communicate the changes out to its replication partners. Replication partners are a way in which AD minimizes replication traffic while at the same time maintaining fault tolerance. Each DC has a special relationship with at least two other DCs in its site that serve as replication partners with each other.

Additionally, AD needs to keep track of the type of change that was made. The two types of changes are "originating" updates and "replicated" updates. A user or administrator makes originating updates, and replicated updates are changes made to the directory by another DC in the organization.
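
The behaviour described above, as a simplified model: this is an added example, not part of the original article and not AD's own implementation. The DC names, phone numbers, clock values, ring topology and the tie-break rule are constructed assumptions; "the later update wins" follows the article's wording.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Update:
    attr: str
    value: str
    timestamp: int   # constructed clock value; larger means later
    origin: str      # DC where the originating update was made

@dataclass
class DC:
    name: str
    partners: list = field(default_factory=list)
    store: dict = field(default_factory=dict)  # attr -> winning Update
    log: list = field(default_factory=list)    # (kind, origin DC, value)

    def originate(self, attr, value, timestamp):
        """Originating update: written on this DC by a user or administrator."""
        return self.apply(Update(attr, value, timestamp, self.name), "originating")

    def apply(self, upd, kind):
        cur = self.store.get(upd.attr)
        # Keep only the later update; tie-break on origin name is an assumption.
        if cur and (cur.timestamp, cur.origin) >= (upd.timestamp, upd.origin):
            return False
        self.store[upd.attr] = upd
        self.log.append((kind, upd.origin, upd.value))
        return True

    def replicate_out(self):
        """Offer stored updates to partners; count the ones they accepted."""
        return sum(p.apply(u, "replicated")
                   for p in self.partners for u in list(self.store.values()))

def converge(dcs):
    cycles = 0  # replication cycles in which at least one partner accepted a change
    while sum(dc.replicate_out() for dc in dcs) > 0:
        cycles += 1
    return cycles

def demo():
    names = ["DC1", "DC2", "DC3", "DC4"]
    dcs = {n: DC(n) for n in names}
    for i, n in enumerate(names):  # ring: two replication partners each
        dcs[n].partners = [dcs[names[i - 1]], dcs[names[(i + 1) % len(names)]]]
    dcs["DC1"].originate("telephoneNumber", "555-0100", 1000)
    dcs["DC3"].originate("telephoneNumber", "555-0199", 1002)
    converge(list(dcs.values()))
    return dcs
```

Each DC's `log` records whether a stored value arrived as an originating or a replicated update and which DC it originated on, which is the distinction to look for when tracing where a directory change was actually made.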

Next week we will dive into the key feature in AD that allows updates to be replicated and updated properly.

