Announcement

Collapse
No announcement yet.

WIN 2003 AD - replication question

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • WIN 2003 AD - replication question

    My company will be undergoing a major architecture change in the next 6 months. We are migrating from a NT 4.0 client/server environment to a WIN 2003 centralized Citirx environment. We will have 2 identical datacenters and currently have approx 50 branch offices. Each datacenter will have 2 DCís and each branch office will have 1 DC. I could use some advice on site config for replication, since this is brand new to me. Iíve done a ton of reading and feeling a bit overwhelmed. At this point, my plan to have each Datacenter DC as a bridgehead server, and evenly distribute site links to each branch office for replication. This gives approx 12 branch offices for each bridgehead DC. All sites have minimum 128K MPLS connections. Most are at least 256K on up to full T1ís.

    Anyone have any experience in the area. How does this sound?

    Any help would be greatly appreciated.

    Thanks

  • #2
    Re: WIN 2003 AD - replication question

    I've done this a couple of times... you are certainly on the right track. Some pointers.
    1. Do NOT assign preferred bridgehead servers. AD will do that for you. If you appoint preferred b.h. servers AD will NOT failover to other servers in the same site. The only reason that these preferred b.h. exist is to draw all replication traffic in a very large AD. Most AD's don't need it.
    2. use sitelinks to assign preferred replication paths between sites. You probably want to assign site link costs according to available bandwidth.
    3. Don't create explicit connection objects; let AD do the work. If you have manually created c.o.'s, AD will NOT failover by creating new ones by itself.
    4. Be careful to assing subnets to all sites. These subnets are the way that clients locate the correct DC, and that is the whole point of the exercise!
    5. you probably want high consistency between the datacenters. You can set the replication to 15 minutes using the GUI, but there are tricks to bring this back to seconds. Let me know if you are interested.
    Aside of these technical aspects, give some thought to the policies you will use to administer the AD. Beware of actions that generate a lot of replication traffic, such as creating and editing Group Policy Objects; who is allowed to do that?
    Last edited by wkasdo; 16th December 2005, 22:39.

    Comment


    • #3
      Re: WIN 2003 AD - replication question

      Thanks man. I particularly interested in #5.

      "you probably want high consistency between the datacenters. You can set the replication to 15 minutes using the GUI, but there are tricks to bring this back to seconds. Let me know if you are interested. "

      We definitely want high consistiencey between the datacenters. As you ementioned, how woud Iset the replication interval to shorted than 15 minutes.

      Thanks-

      Comment


      • #4
        Re: WIN 2003 AD - replication question

        Willem, are you talking about enabling change notifications between sites as per http://www.microsoft.com/technet/pro...b.mspx#E0QC0AA ?
        Guy Teverovsky
        "Smith & Wesson - the original point and click interface"

        Comment


        • #5
          Re: WIN 2003 AD - replication question

          Originally posted by guyt
          Willem, are you talking about enabling change notifications between sites as per http://www.microsoft.com/technet/pro...b.mspx#E0QC0AA ?
          Yep, that's the one! It's a bit of a hack. You can't see from the AD Sites & Services GUI that this overriding bit has been set. MOM will warn you though.

          One major caveat: this notification does not apply to SYSVOL. That will keep the regular schedule defined on the sitelink.

          Comment


          • #6
            Re: WIN 2003 AD - replication question

            Originally posted by wkasdo
            MOM will warn you though.
            Oh no ! You've mentioned the M*M word !
            btw, watch out: AD MP scripts are broken when monitoring DC from forests not local to MOM server (even if all the trusts in the world exist). I have an open case with MS and it appears that monitoring DCs outside of the forest the MOM server resides in is not supported (though some hacking to the scripts does resolve the issue )
            Guy Teverovsky
            "Smith & Wesson - the original point and click interface"

            Comment


            • #7
              Re: WIN 2003 AD - replication question

              You could make a case that the AD MP's are broken, period. I know that a group of systems management MVP's is rewriting it.

              Comment

              Working...
              X