Understanding Directory Replication

At its foundation, the replication process is simply an effort to keep the copy of the AD DS database identical on all domain controllers for a particular domain. For example, if an administrator removes a user from a group, the change is made on the domain controller that the administrator is currently logged into. For those few seconds after the change, that domain controller alone has the most current copy of the database. Eventually, though, after replication takes place, all domain controllers will have exact replicas of the database, including the change in group membership.
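The group-membership case above can be checked directly during the window before replication completes. The following PowerShell function is an added example, not code from the book: it asks every domain controller for the group's `member` attribute and reports which ones still differ from the controller where the change was made. It assumes the ActiveDirectory PowerShell module is installed; the function name, group name, and host name are placeholders.

```powershell
# Added example, not from the book. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

function Compare-GroupAcrossDCs {
    param(
        [Parameter(Mandatory)][string]$GroupName,    # group that was changed
        [Parameter(Mandatory)][string]$ReferenceDC   # DC where the change was made
    )

    # Membership as the originating DC sees it: the most current copy.
    $ref = @((Get-ADGroup -Identity $GroupName -Properties member `
                -Server $ReferenceDC -ErrorAction Stop).member)

    foreach ($dc in Get-ADDomainController -Filter *) {
        try {
            $seen = @((Get-ADGroup -Identity $GroupName -Properties member `
                         -Server $dc.HostName -ErrorAction Stop).member)

            # Members this DC still lists that the reference DC no longer has
            # (for example, a removed user whose removal has not replicated yet).
            $stale   = @($seen | Where-Object { $_ -notin $ref })
            # Members the reference DC has that this DC has not received yet.
            $missing = @($ref  | Where-Object { $_ -notin $seen })

            [pscustomobject]@{
                DC           = $dc.HostName
                Site         = $dc.Site
                InSync       = ($stale.Count -eq 0 -and $missing.Count -eq 0)
                StillPresent = $stale   -join '; '
                NotYetAdded  = $missing -join '; '
            }
        }
        catch {
            # An unreachable DC cannot be assumed to be in sync; report it.
            [pscustomobject]@{
                DC           = $dc.HostName
                Site         = $dc.Site
                InSync       = $null
                StillPresent = "query failed: $($_.Exception.Message)"
                NotYetAdded  = ''
            }
        }
    }
}

# Placeholder values; substitute a real group and the DC you made the change on.
# Compare-GroupAcrossDCs -GroupName 'ExampleGroup' -ReferenceDC 'dc-a.example.test' |
#     Format-Table -AutoSize
```

A row with `InSync` set to `False` and a name under `StillPresent` means that domain controller still treats the removed account as a member of the group.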

Within a Site: Loops and Meshes

AD DS replicates information between domain controllers using different methods, depending on the topology of your network—in particular, how many sites you have configured within AD DS. In a single-site situation, all domain controllers in a domain will discover one another through published records in both AD DS and the DNS system for the domain. But to cut down on network traffic, not every domain controller needs to actually replicate with every other domain controller. AD DS uses a "loop" method. Take, for instance, four domain controllers—A, B, C, and D, as shown in Figure 5-34.

Figure 5-34. Single site with four domain controllers

In this example, AD DS will replicate using two loops. Let's assume that a change was made on domain controller ...
