Question regarding the AD Sites & Services connection between DC

Home Forums Microsoft Networking and Management Services Active Directory Question regarding the AD Sites & Services connection between DC

This topic contains 10 replies, has 3 voices, and was last updated by Avatar Albertwt 4 years, 8 months ago.

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • Avatar
    Albertwt
    Member
    #165001

    Hello,

    Can someone here please shed some light on the AD Sites & Service matter which confuses me ?

    1. Why some domain controller server in my remote office site got multiple connection which seems to be randomly selected ?

    2. What is the best way to configure the AD replication link between the remote office site and the main Data Centre ADsite ?

    shall I
    manually specify one to the nearest AD Site and one to the Data Centre AD site ?
    or
    manually specify one connection from the office AD site into the Data Centre AD site and leave the connection to any domain controller in any AD site

    thoughts, comments and advice would be greatly appreciated.

    Cheers.

    Avatar
    wullieb1
    Moderator
    #245117

    Re: Question regarding the AD Sites & Services connection between DC

    You need to read up on the KCC, Knowledge Consitency Checker.

    I prefer to leave mine to be automatically done.

    Avatar
    Albertwt
    Member
    #318001

    Re: Question regarding the AD Sites & Services connection between DC

    wullieb1;290525 wrote:
    You need to read up on the KCC, Knowledge Consitency Checker.

    I prefer to leave mine to be automatically done.

    what if I had already deleted the connection to random AD and then manually specify the AD in the Data Center AD site ? so everything is pointing to the Data Center domain controller.

    is there any preference over which FSMO role should I point it to ?

    Avatar
    wullieb1
    Moderator
    #245118

    Re: Question regarding the AD Sites & Services connection between DC

    Have you read up on it?

    It doesn’t really matter what way that you do it.

    Why are you talking about FSMO roles? It just needs to point to a DC.

    Avatar
    Albertwt
    Member
    #318002

    Re: Question regarding the AD Sites & Services connection between DC

    wullieb1;290527 wrote:
    Have you read up on it?

    It doesn’t really matter what way that you do it.

    Why are you talking about FSMO roles? It just needs to point to a DC.

    ok, if that is the case, then I’d delete all of the existing manual connection to the DC and then recreate the automatic connection using:

    Quote:
    – delete the manually created connections
    – Right click on the NTDS setting in the respective site
    – Under All Tasks, select “check replication topology”

    Do you mean this article from MSDN: https://msdn.microsoft.com/en-us/library/bb727085.aspx?f=255

    Avatar
    Ossian
    Moderator
    #190385

    Re: Question regarding the AD Sites & Services connection between DC

    IMHO automatic is preferable to manual as if a manually specified DC is down, replication will not work, however with automatic the KCC will attempt to find another route.
    As Wullie says, leave it alone!

    Avatar
    Albertwt
    Member
    #318003

    Re: Question regarding the AD Sites & Services connection between DC

    Ossian;290529 wrote:
    IMHO automatic is preferable to manual as if a manually specified DC is down, replication will not work, however with automatic the KCC will attempt to find another route.
    As Wullie says, leave it alone!

    Yes, that’s what I thought so. But in this case in some of the site office Domain Controllers, I couldn’t find the connection anymore, I guess someone replaced it with the 2x static connection to the 2x Domain Controllers in the Data Centre AD sites.

    so can I just delete them both and then recreate two of the connection ?

    Avatar
    Ossian
    Moderator
    #190386

    Re: Question regarding the AD Sites & Services connection between DC

    Yes, you should be able to

    Avatar
    Albertwt
    Member
    #318004

    Re: Question regarding the AD Sites & Services connection between DC

    Ossian;290531 wrote:
    Yes, you should be able to

    Thanks Ossian.

    I was under the impression that all Site Office connection must be pointing to the Data Centre AD/DC servers, but it seems that it doesn’t have to be.

    So in this case, the value in the connection is dynamically changed based on KCC algorithm ?

    Avatar
    Ossian
    Moderator
    #190387

    Re: Question regarding the AD Sites & Services connection between DC

    Correct – the KCC will run every 15 minutes by default and generate connections based on the current state of connectivity between sites
    (see https://technet.microsoft.com/en-us/library/cc961781.aspx)

    I think of it as similar to the internet where routers will work around problems without manual intervention

    The only time I have attempted to change it (to force replication via a central site) was too prone to errors if any link went down, so I rapidly changed back to automatic

    Avatar
    wullieb1
    Moderator
    #245120

    Re: Question regarding the AD Sites & Services connection between DC

    Ossian;290533 wrote:
    The only time I have attempted to change it (to force replication via a central site) was too prone to errors if any link went down, so I rapidly changed back to automatic

    Our network was setup like this by the previous administrator in my role.

    Our central office was the hub and all DC’s replicated back to here with these manual settings.

    Removed all of them and set to automatic and bingo things start working correctly :)

Viewing 11 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic.