Active Directory Replication Explained
Focus: Active Directory Replication, USN, HWMV and UTDV
Intrasite replication replicates changes made in one DC to all other DCs in the same site. AD replications are generally pull operations. For example (A site with two DCs : DC1 & DC2) , If a change is made on DC1 then DC1 will inform DC2 about the change.
After this notification, the DC2 will pull the changes from the DC1 thereby making its AD data up to date.
Replication interval
When a DC write a change to its local copy of the AD, a timer is started that determines when the DC's replication partner should be notified of the change. By default, this interval is 15 seconds in Windows 2003 and later.
Active Directory Partitions
Active Directory database is divided into partitions or naming contexts (NC):
Schema NC - This contains schema details and this will be replicated to each DC in the forest.
Configuration NC - This contains forest wide configuration information and this will be replicated to each DC in the forest
Domain NC - This contains most commonly accessed AD data and this will be replicated to each DC in the domain
Each of these NCs are replicated separately to the DCs.
There are two kind of write operations that AD need to replicate:
Orginating write : Any change made on a DC is an orginating write for that DC
Replicated write : Any change which came as part of replication is a replicated write
AD changes are managed through several Replication metadata:
Update Sequence Number (USN)
Each DC maintains a USN which is specific to that DC. Any change made in the DC (orginated write) or replicated to DC (replicated write) will be followed by a USN increment. The USN numbers of DCs in the same domain need not be same therefore the USN of one DC has no meaning to any other DCs in terms of comparing one change to another.
For Eg: Current USN value of DC1 is 3000 and DC2 is 4000. Suppose a change is made on DC1, its USN will be incremented to 3001. DC1 will notify DC2 about the change and will pull the new change. When the change is pulled, DC2 will increment its value to 4001.
High watermark vector (HWMV)
USN is only a method to track the changes made on the DC. But each DC needs a way to keep track the changes that have already been replicated, otherwise each DC would be sending the entire Active Directory database across the wire at every replication.
To prevent this, each Active Directory DC maintains a value called the High WaterMark Vector (HWMV) for other domain controllers that it is replicating with. Each DC will associate this high watermark vector with the Globally Unique Identifier (GUID) of the remote DC, to prevent any confusion if a remote domain controller is renamed or removed from the directory.
Let us discuss some replication scenarios here:
Scenario 1:
2 Domain controllers
USN of DC1 = 3000
USN of DC2 = 4500
The above scenario looks fine in a 2 DC scenario but could create severe replication loops in 3 or more DC scenario.
Up-to-dateness Vector (UTDV)
If a change is made in DC1 then the change is replicated to DC2 and DC3. When this change is received in DC2, it will inform DC1 and DC3 about the same change and will end up in a loop.
In order to avoid this situation another metadata is stored by the DC called the Up To Dateness Vector (UTDV).
UTDV stores the highest orginating update USN the local DC has received from other DCs. Every DC keeps a HWMV table and UTDV for each AD partition to store the latest USN of its replication partners. Whenever DC1 contacts DC2 for replication, DC2 will send the HWMV of DC1 in DC2 along with highest orginating USN that DC2 have in its UTDV table.
Scenario 2
3 Domain controllers
USN of DC1 = 3001
USN of DC2 = 4501
USN of DC3 = 7000
Intrasite replication replicates changes made in one DC to all other DCs in the same site. AD replications are generally pull operations. For example (A site with two DCs : DC1 & DC2) , If a change is made on DC1 then DC1 will inform DC2 about the change.
After this notification, the DC2 will pull the changes from the DC1 thereby making its AD data up to date.
Replication interval
When a DC write a change to its local copy of the AD, a timer is started that determines when the DC's replication partner should be notified of the change. By default, this interval is 15 seconds in Windows 2003 and later.
Active Directory Partitions
Active Directory database is divided into partitions or naming contexts (NC):
Schema NC - This contains schema details and this will be replicated to each DC in the forest.
Configuration NC - This contains forest wide configuration information and this will be replicated to each DC in the forest
Domain NC - This contains most commonly accessed AD data and this will be replicated to each DC in the domain
Each of these NCs are replicated separately to the DCs.
There are two kind of write operations that AD need to replicate:
Orginating write : Any change made on a DC is an orginating write for that DC
Replicated write : Any change which came as part of replication is a replicated write
AD changes are managed through several Replication metadata:
Update Sequence Number (USN)
Each DC maintains a USN which is specific to that DC. Any change made in the DC (orginated write) or replicated to DC (replicated write) will be followed by a USN increment. The USN numbers of DCs in the same domain need not be same therefore the USN of one DC has no meaning to any other DCs in terms of comparing one change to another.
For Eg: Current USN value of DC1 is 3000 and DC2 is 4000. Suppose a change is made on DC1, its USN will be incremented to 3001. DC1 will notify DC2 about the change and will pull the new change. When the change is pulled, DC2 will increment its value to 4001.
High watermark vector (HWMV)
USN is only a method to track the changes made on the DC. But each DC needs a way to keep track the changes that have already been replicated, otherwise each DC would be sending the entire Active Directory database across the wire at every replication.
To prevent this, each Active Directory DC maintains a value called the High WaterMark Vector (HWMV) for other domain controllers that it is replicating with. Each DC will associate this high watermark vector with the Globally Unique Identifier (GUID) of the remote DC, to prevent any confusion if a remote domain controller is renamed or removed from the directory.
Let us discuss some replication scenarios here:
Scenario 1:
2 Domain controllers
USN of DC1 = 3000
USN of DC2 = 4500
- A new object is created in DC1, the USN gets incremented to 3001.
- DC1 notifies DC2 about the new change. DC2 replies back with the HWMV value of DC1 in DC2
- DC1 compares the HWMV value and understands that DC2 is not updated with the change 3001. DC1 sends this change to DC2 and DC2 will commit the change and update its local USN
The above scenario looks fine in a 2 DC scenario but could create severe replication loops in 3 or more DC scenario.
Up-to-dateness Vector (UTDV)
If a change is made in DC1 then the change is replicated to DC2 and DC3. When this change is received in DC2, it will inform DC1 and DC3 about the same change and will end up in a loop.
In order to avoid this situation another metadata is stored by the DC called the Up To Dateness Vector (UTDV).
UTDV stores the highest orginating update USN the local DC has received from other DCs. Every DC keeps a HWMV table and UTDV for each AD partition to store the latest USN of its replication partners. Whenever DC1 contacts DC2 for replication, DC2 will send the HWMV of DC1 in DC2 along with highest orginating USN that DC2 have in its UTDV table.
Scenario 2
3 Domain controllers
USN of DC1 = 3001
USN of DC2 = 4501
USN of DC3 = 7000
- Suppose a change is made in DC3 which increments the USN of DC3 to 7001. DC3 informs this change to DC1 and DC2
- Now starts the role of UTDV. DC2 notifies DC1 about the new change it received from DC3. DC1 then replies DC2 with the HWMV of DC2 in DC1 along with highest orginating USN DC1 have in its UTDV table (Here 7002 DC1 received from DC3).
- DC2 compares HWMV and understands that its HWMV in DC1 is outdated. Therefore it takes all corresponding transactions for the missing USN.
- But when it takes the missing transaction, after comparing the UTDV it received from DC1 and the orginating USN of the change in DC2, DC2 understands that the change need not be replicated to DC1.
#All these images are taken from Microsoft official technet site
Good one..
ReplyDeleteThanks for sharing this.
ReplyDelete