
CN1276 Server

CN1276 Server. Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+. Agenda. Chapter 3: Working with Active Directory Sites Quiz Exercise. AD Structure. Logical structure Forest, domains, trees, OUs Manage by AD Users and Computers Physical structure


Presentation Transcript


  1. CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

  2. Agenda • Chapter 3: Working with Active Directory Sites • Quiz • Exercise

  3. AD Structure • Logical structure • Forest, domains, trees, OUs • Managed with AD Users and Computers • Physical structure • How information passes through the LAN/WAN • Managed with AD Sites and Services

  4. Default-First-Site-Name • Created by default when you install your forest root

  5. Sites • Defined by IP subnets that are well-connected • Multiple sites will be joined together by site links • Intersite replication • Traffic will be compressed • Intrasite replication • AD sites are independent of the logical structure of AD.

  6. Replication Process • Replication topology • When, how, and where replication takes place • Replication occurs when • An object is added or removed from AD • The value of an attribute has changed • The name of an object has changed

  7. Replication Process • Each DC maintains objects using • Update sequence number (USN) • Version ID • Timestamp • Bridgehead server • A gatekeeper between sites for replication • AD convergence • The amount of time that it takes for the replication process to take place

  8. Intrasite replication • Replication between DCs in the same site • Knowledge Consistency Checker (KCC) • Maps the logical network topology • The KCC selects replication partners and creates connection objects • A connection object is a one-way connection

  9. Intrasite replication (Cont.) • KCC’s selection of replication partners • Rule of three • No single DC should be more than three network hops away from any DC that can originate a change to the AD database • KCC can be set manually; however, manual settings will override the automatic process

  10. Intrasite replication (Cont.) • The KCC minimizes latency in intrasite replication in a number of ways • Dual counter-rotating ring: if the left side goes down, replication goes right instead • As the site grows, new connection objects are created to maintain the three-hop distance • DCs use change notification: 15 seconds before forwarding, then a 3-second interval between forwards

  11. Viewing Active Directory Connection Objects • Open the Active Directory Sites and Services MMC snap-in. • Click the Sites folder, select the desired site, and then click the Servers folder. • Expand the server name for which you wish to view connection objects, right-click NTDS Settings, and select Properties.

  12. Manage a site plan • Rename Default-First-Site-Name • Define the subnet for each site • Classless Inter-Domain Routing (CIDR) • 192.168.40.0/24 • Sites are connected by site links • One DC within each site runs the Intersite Topology Generator (ISTG)

  13. Manage a site plan (Cont.) • A site link has three attributes • Cost • A lower numbered cost value will be chosen over a higher numbered cost value. Default value is 100 (1-99,999) • Schedule • Determines when the link is available to replicate information • Frequency • Determines how often information will be replicated

  14. Replication Protocol • Remote Procedure Calls over Internet Protocol (RPC over IP) • Uses both authentication and encryption • Simple Mail Transfer Protocol (SMTP) • An alternative solution for intersite replication • Uses asynchronous replication • Each replication transaction does not need to complete before another can start. • Requires an enterprise certification authority (CA) • SMTP does not adhere to schedules

  15. Designating a bridgehead server • You can override the automatic designation by establishing a list of preferred bridgehead servers • Bridgehead server should have the fastest processor • Compress/decompress replication data • Send/receive replication data

  16. Monitoring Replication • Dcdiag • Performs connectivity and replication tests, reporting errors that occur • Reports DNS registration problems • Analyzes the permissions required for replication • Analyzes the state of DCs within the forest • Repadmin

  17. Monitoring Replication (Cont.) • Repadmin • View the replication topology from the perspective of each DC • Manually create a replication topology if site link bridging is disabled • Force replication between DCs

  18. Assignment • Fill in the blank • 1-10 • Multiple Choice • 1-10 • Online Lab 3
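
The site plan from slides 12 and 13, worked through as an added example (not part of the original presentation): it maps an IP address to its site by the most specific matching subnet and picks the lowest-cost replication route between two sites. The site names and link costs are constructed; summing costs across chained site links goes beyond the slide and assumes site links are bridged (transitive).

```python
import heapq
import ipaddress

# Constructed site plan (hypothetical site names): subnet -> site, as defined
# in AD Sites and Services. 192.168.40.0/24 is the subnet shown on slide 12.
SUBNETS = {
    "192.168.40.0/24": "HQ",
    "192.168.0.0/16": "Branch",
    "10.10.0.0/16": "DR",
}
# Site links with their cost attribute (default 100, valid range 1-99,999).
SITE_LINKS = [("HQ", "Branch", 100), ("Branch", "DR", 100), ("HQ", "DR", 500)]


def site_for_ip(ip, subnets=SUBNETS):
    """Return the site whose subnet contains ip; the most specific subnet wins."""
    addr = ipaddress.ip_address(ip)
    matches = [ipaddress.ip_network(s) for s in subnets
               if addr in ipaddress.ip_network(s)]
    if not matches:
        return None  # address is not covered by any site's subnet
    best = max(matches, key=lambda n: n.prefixlen)
    return subnets[str(best)]


def cheapest_route(src, dst, links=SITE_LINKS):
    """Lowest total-cost path between two sites (Dijkstra over site links)."""
    graph = {}
    for a, b, cost in links:
        if not 1 <= cost <= 99999:
            raise ValueError(f"site link cost out of range: {cost}")
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))
    queue, seen = [(0, src, [src])], set()
    while queue:
        total, site, path = heapq.heappop(queue)
        if site == dst:
            return total, path
        if site in seen:
            continue
        seen.add(site)
        for nxt, cost in graph.get(site, []):
            if nxt not in seen:
                heapq.heappush(queue, (total + cost, nxt, path + [nxt]))
    return None  # no chain of site links connects the two sites


if __name__ == "__main__":
    print(site_for_ip("192.168.40.25"), site_for_ip("172.16.1.1"))
    print(cheapest_route("HQ", "DR"))
```

An address that returns `None` from `site_for_ip` belongs to a subnet missing from the site plan, which is the gap to close when defining subnets for each site.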
