February 23, 2004, 12:00 AM — Last week we discussed the role of replication in maintaining the
consistency of the Active Directory (AD) partitions. This week, we look
at some of the details of the replication process, specifically the
update sequence numbers (USNs).
If an originating update (see last week's article for more info:
http://www.itworld.com/nl/win_this_wk/02162004/) is made to any
attributes of an object within the directory of a domain controller
(DC), then a counter called the USN is updated. DCs within your AD
domain use a USN to determine which updates need to be replicated. Every
attribute, object, and server has an individual USN and these USNs are
incremented when any attribute, object or server is updated.
This is easier illustrated with a simple example.
Assume that the phone number attribute on one of the user objects in
your AD was updated on a DC called DCServer1. After this updated is
made, DCServer1's USN is incremented to the next number, let's say 360.
After the default replication time of five minutes is reached, DCServer1
notifies DCServer2 that updates are available. Then DCServer2 requests
all updates greater than the USN it has for DCServer1, which is 359.
DCServer1 then checks to see which updates DCServer2 is requesting and
realizes that it needs the update represented by USN 360 and replicates
those updates to DCServer2. After DCServer2 commits the changes to its
directory, it updates DCServer1's USN to 360.
This process is slightly more complicated than the way it is described
above, but this gives you an accurate picture of the replication process
and how USNs allow AD to track changes made on different servers
throughout your environment, and to replicate them properly ensuring
consistency among all of the DCs supporting the directory.
Next week we will discuss how AD handles the same updates coming from
two different servers with a feature called propagation dampening.