Directory Replication


What is Directory Replication?

Directory Replication is the process of replicating updates to Active Directory on different domain controllers in the network. Directory replication ensures that users have access to resources on the network by ensuring that information about users, groups, computers, file shares, printers, and other directory objects is current on all domain controllers in the network.

Directory Replication (Windows Active Directory)

Note: In Windows 2000 Server and Windows Server 2003, the directory service is named simply Active Directory. Starting in Windows Server 2008, the directory service is referred to as Active Directory Domain Services (AD DS).

Active Directory Domain Services is a distributed directory service that stores objects that represent real-world entities such as users, groups, computers, services, and network resources. Objects in the directory are distributed among all domain controllers in a forest, and all writeable domain controllers can be updated directly.

Active Directory Domain Services Replication

Active Directory Domain Services Replication is the process by which the changes that originate on one domain controller are automatically transferred to other domain controllers and global catalogs.

Replication architecture

Active Directory Domain Services is made up of one or more naming contexts (NCs), also called partitions. A naming context is a contiguous sub-tree of the directory (such as the directory schema) that forms a unit of replication. In Active Directory, each domain controller always holds at least three naming context replicas:

  • Schema;
  • Configuration (replication topology and related metadata);
  • Domain naming context (contains the actual objects in the directory).

The schema NC defines the types of objects (such as users) and the attributes of those objects (such as telephone numbers) that can be created and stored in AD DS, as well as the rules for creating and manipulating them. Schema information (which attributes are mandatory for object creation, what additional attributes can be set, and what attribute data types are used) is replicated to all domain controllers in the forest. Unlike other NCs, the schema NC is writeable only on the domain controller holding the Schema Master FSMO role.

The configuration NC includes information about the AD DS as a whole – what domains exist, what sites are available, what domain controllers are running in the particular sites and domains, as well as configuration information for additional services such as Active Directory Certificate Services (AD CS) and Microsoft Exchange. All enterprise domain controllers need this information to make operational decisions (such as choosing replication partners) so it is replicated to every domain controller in the forest.

Active Directory Replication Topology

The replication topology is the current set of Active Directory connections by which domain controllers in a forest communicate over local area networks (LANs) and wide area networks (WANs) to synchronize the directory partition replicas that they have in common. The replication topology ensures the transfer of changes to all directory partition replicas in the forest without redundancy. Replication topology generation is dynamic and adapts to network conditions and availability of domain controllers.

To ensure a consistent replication topology, domain controllers use global configuration data to arrive at the same view of domain controller data. They apply the same algorithm to this data to arrive at an identical replication topology. Operating independently, each domain controller contributes to a uniform and efficient replication topology.

Replication topology generation is optimized for speed within sites and for cost between sites. Replication between domain controllers in the same site occurs automatically in response to changes and does not require administrative management. Replication within a site is sent uncompressed to reduce processing time. Replication between domain controllers in different sites can be managed to control the scheduling and routing of replication over WAN links. Replication between sites is compressed so that it uses less bandwidth when sent across WAN links, thereby reducing the cost.
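The following PowerShell script is an added example, not part of the original article: it lists the naming contexts a domain controller holds (the schema, configuration and domain NCs described above) and then reads the inbound replication metadata for every partition, flagging inter-site (compressed) links, stale partners and recorded failures. It assumes the ActiveDirectory RSAT module is installed and that $Target (a placeholder) is replaced with a domain controller name in your forest.

```powershell
# Added example (not from the original article). Requires the ActiveDirectory
# module (RSAT) and rights to query the target DC. $Target is a placeholder.
Import-Module ActiveDirectory

$Target = 'DC1.corp.example'   # placeholder: replace with a DC in your forest

# The root DSE exposes the three NCs every DC holds (schema, configuration,
# domain) plus any application partitions (e.g. DomainDnsZones).
$rootDse = Get-ADRootDSE -Server $Target
[pscustomobject]@{
    Schema        = $rootDse.schemaNamingContext
    Configuration = $rootDse.configurationNamingContext
    Domain        = $rootDse.defaultNamingContext
    AllContexts   = ($rootDse.namingContexts -join '; ')
} | Format-List

# Inbound replication metadata for every partition: which partner each NC is
# pulled from, whether the link is inter-site (compressed over the WAN) and
# when it last succeeded. A partner whose last success is older than the
# threshold, or with consecutive failures, means this DC is drifting from the
# rest of the forest and should be investigated.
$staleAfter = (Get-Date).AddHours(-24)   # assumed threshold; tune per site schedule
Get-ADReplicationPartnerMetadata -Target $Target -Partition * -PartnerType Inbound |
    Select-Object Partition, Partner,
        @{ n = 'InterSite'; e = { [bool]$_.IntersiteTransportType } },
        CompressChanges, LastReplicationSuccess, ConsecutiveReplicationFailures,
        @{ n = 'Stale'; e = { $_.LastReplicationSuccess -lt $staleAfter } } |
    Sort-Object Partition, Partner |
    Format-Table -AutoSize

# Explicit failure records (type, count, first failure time, last error code)
# for the same DC; these are what a monitoring job would alert on.
Get-ADReplicationFailure -Target $Target |
    Select-Object Partner, FailureType, FailureCount, FirstFailureTime, LastError |
    Format-Table -AutoSize
```

Run it against several domain controllers (for example by piping Get-ADDomainController -Filter * into the script) to compare the partition set and partner health across the forest.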
