|
server
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Site-replication frequency minimum 15 minutes ?I recenlty began to use Sites in our LAN envirement because I wanted the
clients to log on to there physical nearest DC. We are spread over 5 physical locations. But now we have a delay of 15 minutes when we are changing for example users Group membership. Before we used sites (all subnets was in the Deault-first-site-name) the replication took place immideately (or after 15 seconds I think). Is it not possible to turn down the site replication frequency to 1 minute ? Why is 15 minutes the limit ? Sincerely \\Jonas B Jonas,
There is something called Intra-Site replication and there is something called Inter-Site replication. When all of the Domain Controllers where located in the default Site there was only Intra-Site replication going on. This is really quick. However, once you set up your Sites in Active Directory Sites and Services (or however you might have done it) and associated Subnets to the Sites and then move Domain Controllers into those Sites you will need to do one thing and one thing alone - create the Site Links. The KCC, with help from the ISTG, will take care of the rest for you. If you choose. You can disable all of this and do everything manually (but really only if you really know what you are doing) and you can do some tasks and let the KCC do the rest. Anyway, take a look at the following link: http://technet2.microsoft.com/WindowsServer/en/Library/60ea064a-d867-4848-9baf-b1f7f9e368ff1033.mspx Look at schedule and interval! This should help. -- Show quoteHide quoteCary W. Shultz Roanoke, VA 24012 "Jo***@bson.se" <jonasberthels***@hotmail.com> wrote in message news:O2DcBmXLGHA.3100@tk2msftngp13.phx.gbl... >I recenlty began to use Sites in our LAN envirement because I wanted the >clients to log on to there physical nearest DC. We are spread over 5 >physical locations. But now we have a delay of 15 minutes when we are >changing for example users Group membership. Before we used sites (all >subnets was in the Deault-first-site-name) the replication took place >immideately (or after 15 seconds I think). Is it not possible to turn down >the site replication frequency to 1 minute ? Why is 15 minutes the limit ? > > Sincerely > > \\Jonas B > No you can't turn it down, all you can do is enable change notification.
The timing is in there because sites are normally different locations with slower connections between them and replication shouldn't necessarily need to be so quick between the sites, plus you don't want to melt the WAN lines with all of the change notifications you get inside of a site. -- Show quoteHide quoteJoe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Jo***@bson.se wrote: > I recenlty began to use Sites in our LAN envirement because I wanted the > clients to log on to there physical nearest DC. We are spread over 5 > physical locations. But now we have a delay of 15 minutes when we are > changing for example users Group membership. Before we used sites (all > subnets was in the Deault-first-site-name) the replication took place > immideately (or after 15 seconds I think). Is it not possible to turn down > the site replication frequency to 1 minute ? Why is 15 minutes the limit ? > > Sincerely > > \\Jonas B > > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) where
I'd like to contain the authentication traffic to within the appropriate site but also drop the replication schedule to around 1 minute. Is there no way to bring the schedule down for these well-connected sites and leave the rest at 90 mins for example? configure change notification on the site link.
Insert the value 1 into the options attribute of the site link object in AD. Use ADSIEDIT for that -- Show quoteHide quoteCheers, (HOPEFULLY THIS INFORMATION HELPS YOU!) # Jorge de Almeida Pinto # MVP Windows Server - Directory Services BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ----------------------------------------------------------------------------- * This posting is provided "AS IS" with no warranties and confers no rights! * Always test before implementing! ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- "Graham C" <Grah***@discussions.microsoft.com> wrote in message news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) > where > I'd like to contain the authentication traffic to within the appropriate > site > but also drop the replication schedule to around 1 minute. Is there no way > to > bring the schedule down for these well-connected sites and leave the rest > at > 90 mins for example? Hi,
Thanks for the prompt response, although I don't think this is quite what I'm after. Placing a 1 in the Options attribute for a given NTDS object - is that not the same as setting the "IS_AUTO_TOPOLOGY_DISABLED" flag using repadmin? Take this scenario as an example... You have 2 sites (lets call them SiteA and SiteB) which are 200 miles apart. At SiteA you have 300 users and at SiteB you have 2500 users and the sites are connected via a 2Gbps private link. SiteA contains 1 DC and SiteB contains 5 DCs. Now although the sites are well-connected it makes geographical sense to know that the SiteA users are authenticated locally and the SiteB users are authenticated locally - so logically they are split into two AD sites. What we're looking to achieve then is to bring the replication time down between these two sites. The shortest time for inter-site replication appears to be 15mins - but I have heard that it can be brought down to something less..... Show quoteHide quote "Jorge de Almeida Pinto [MVP]" wrote: > configure change notification on the site link. > > Insert the value 1 into the options attribute of the site link object in AD. > Use ADSIEDIT for that > > -- > > Cheers, > (HOPEFULLY THIS INFORMATION HELPS YOU!) > > # Jorge de Almeida Pinto # MVP Windows Server - Directory Services > > BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx > ----------------------------------------------------------------------------- > * This posting is provided "AS IS" with no warranties and confers no rights! > * Always test before implementing! > ----------------------------------------------------------------------------- > > > ----------------------------------------------------------------------------- > "Graham C" <Grah***@discussions.microsoft.com> wrote in message > news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... > > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) > > where > > I'd like to contain the authentication traffic to within the appropriate > > site > > but also drop the replication schedule to around 1 minute. Is there no way > > to > > bring the schedule down for these well-connected sites and leave the rest > > at > > 90 mins for example? > > > And just after I posted that I found this little chestnut on Technet:
http://support.microsoft.com/kb/300038 - this indicates I can change the value of the "replinterval" attribute to what I like, but the article is W2K based. Show quoteHide quote "Graham C" wrote: > Hi, > Thanks for the prompt response, although I don't think this is quite what > I'm after. Placing a 1 in the Options attribute for a given NTDS object - is > that not the same as setting the "IS_AUTO_TOPOLOGY_DISABLED" flag using > repadmin? > > Take this scenario as an example... > You have 2 sites (lets call them SiteA and SiteB) which are 200 miles apart. > At SiteA you have 300 users and at SiteB you have 2500 users and the sites > are connected via a 2Gbps private link. SiteA contains 1 DC and SiteB > contains 5 DCs. > > Now although the sites are well-connected it makes geographical sense to > know that the SiteA users are authenticated locally and the SiteB users are > authenticated locally - so logically they are split into two AD sites. > > What we're looking to achieve then is to bring the replication time down > between these two sites. The shortest time for inter-site replication appears > to be 15mins - but I have heard that it can be brought down to something > less..... > > "Jorge de Almeida Pinto [MVP]" wrote: > > > configure change notification on the site link. > > > > Insert the value 1 into the options attribute of the site link object in AD. > > Use ADSIEDIT for that > > > > -- > > > > Cheers, > > (HOPEFULLY THIS INFORMATION HELPS YOU!) > > > > # Jorge de Almeida Pinto # MVP Windows Server - Directory Services > > > > BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx > > ----------------------------------------------------------------------------- > > * This posting is provided "AS IS" with no warranties and confers no rights! > > * Always test before implementing! > > ----------------------------------------------------------------------------- > > > > > > ----------------------------------------------------------------------------- > > "Graham C" <Grah***@discussions.microsoft.com> wrote in message > > news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... > > > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) > > > where > > > I'd like to contain the authentication traffic to within the appropriate > > > site > > > but also drop the replication schedule to around 1 minute. Is there no way > > > to > > > bring the schedule down for these well-connected sites and leave the rest > > > at > > > 90 mins for example? > > > > > > Apologies to Jorge; I was thinking of this along the wrong lines. After
thinking about your response I now understand that what you are saying is that changing the Options attribute flips us into using Change notification as opposed to using the schedule(?) and I guess this is what I was looking for. I'd had it in my mind that I could change the "replinterval" down to say 2 mins. If I go your suggested route, will the traffic still be compressed between the to sites? Cheers Graham Show quoteHide quote "Graham C" wrote: > And just after I posted that I found this little chestnut on Technet: > http://support.microsoft.com/kb/300038 - this indicates I can change the > value of the "replinterval" attribute to what I like, but the article is W2K > based. > > "Graham C" wrote: > > > Hi, > > Thanks for the prompt response, although I don't think this is quite what > > I'm after. Placing a 1 in the Options attribute for a given NTDS object - is > > that not the same as setting the "IS_AUTO_TOPOLOGY_DISABLED" flag using > > repadmin? > > > > Take this scenario as an example... > > You have 2 sites (lets call them SiteA and SiteB) which are 200 miles apart. > > At SiteA you have 300 users and at SiteB you have 2500 users and the sites > > are connected via a 2Gbps private link. SiteA contains 1 DC and SiteB > > contains 5 DCs. > > > > Now although the sites are well-connected it makes geographical sense to > > know that the SiteA users are authenticated locally and the SiteB users are > > authenticated locally - so logically they are split into two AD sites. > > > > What we're looking to achieve then is to bring the replication time down > > between these two sites. The shortest time for inter-site replication appears > > to be 15mins - but I have heard that it can be brought down to something > > less..... > > > > "Jorge de Almeida Pinto [MVP]" wrote: > > > > > configure change notification on the site link. > > > > > > Insert the value 1 into the options attribute of the site link object in AD. > > > Use ADSIEDIT for that > > > > > > -- > > > > > > Cheers, > > > (HOPEFULLY THIS INFORMATION HELPS YOU!) > > > > > > # Jorge de Almeida Pinto # MVP Windows Server - Directory Services > > > > > > BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx > > > ----------------------------------------------------------------------------- > > > * This posting is provided "AS IS" with no warranties and confers no rights! > > > * Always test before implementing! > > > ----------------------------------------------------------------------------- > > > > > > > > > ----------------------------------------------------------------------------- > > > "Graham C" <Grah***@discussions.microsoft.com> wrote in message > > > news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... > > > > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) > > > > where > > > > I'd like to contain the authentication traffic to within the appropriate > > > > site > > > > but also drop the replication schedule to around 1 minute. Is there no way > > > > to > > > > bring the schedule down for these well-connected sites and leave the rest > > > > at > > > > 90 mins for example? > > > > > > > > > Yeah you definitely need the glasses. :)
That article is talking about a bug if you do set the value outside of the appropriate values. I recall that bug, it could blue screen DCs. -- Show quoteHide quoteJoe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Graham C wrote: > And just after I posted that I found this little chestnut on Technet: > http://support.microsoft.com/kb/300038 - this indicates I can change the > value of the "replinterval" attribute to what I like, but the article is W2K > based. > > "Graham C" wrote: > >> Hi, >> Thanks for the prompt response, although I don't think this is quite what >> I'm after. Placing a 1 in the Options attribute for a given NTDS object - is >> that not the same as setting the "IS_AUTO_TOPOLOGY_DISABLED" flag using >> repadmin? >> >> Take this scenario as an example... >> You have 2 sites (lets call them SiteA and SiteB) which are 200 miles apart. >> At SiteA you have 300 users and at SiteB you have 2500 users and the sites >> are connected via a 2Gbps private link. SiteA contains 1 DC and SiteB >> contains 5 DCs. >> >> Now although the sites are well-connected it makes geographical sense to >> know that the SiteA users are authenticated locally and the SiteB users are >> authenticated locally - so logically they are split into two AD sites. >> >> What we're looking to achieve then is to bring the replication time down >> between these two sites. The shortest time for inter-site replication appears >> to be 15mins - but I have heard that it can be brought down to something >> less..... >> >> "Jorge de Almeida Pinto [MVP]" wrote: >> >>> configure change notification on the site link. >>> >>> Insert the value 1 into the options attribute of the site link object in AD. >>> Use ADSIEDIT for that >>> >>> -- >>> >>> Cheers, >>> (HOPEFULLY THIS INFORMATION HELPS YOU!) >>> >>> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services >>> >>> BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx >>> ----------------------------------------------------------------------------- >>> * This posting is provided "AS IS" with no warranties and confers no rights! >>> * Always test before implementing! >>> ----------------------------------------------------------------------------- >>> >>> >>> ----------------------------------------------------------------------------- >>> "Graham C" <Grah***@discussions.microsoft.com> wrote in message >>> news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... >>>> We have some sites where we utilise a LAN Extension Circuit (2Gbp link) >>>> where >>>> I'd like to contain the authentication traffic to within the appropriate >>>> site >>>> but also drop the replication schedule to around 1 minute. Is there no way >>>> to >>>> bring the schedule down for these well-connected sites and leave the rest >>>> at >>>> 90 mins for example? >>> >>> I never said "the Options attribute for a given NTDS object "
I did say: "options attribute of the SITE LINK object" configuring change notifications on the site link produces the same behavior as intra site replication -- Show quoteHide quoteCheers, (HOPEFULLY THIS INFORMATION HELPS YOU!) # Jorge de Almeida Pinto # MVP Windows Server - Directory Services BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx ----------------------------------------------------------------------------- * This posting is provided "AS IS" with no warranties and confers no rights! * Always test before implementing! ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- "Graham C" <Grah***@discussions.microsoft.com> wrote in message news:2791E8A6-9349-42B6-B8B5-19DFE0A92DC6@microsoft.com... > Hi, > Thanks for the prompt response, although I don't think this is quite > what > I'm after. Placing a 1 in the Options attribute for a given NTDS object - > is > that not the same as setting the "IS_AUTO_TOPOLOGY_DISABLED" flag using > repadmin? > > Take this scenario as an example... > You have 2 sites (lets call them SiteA and SiteB) which are 200 miles > apart. > At SiteA you have 300 users and at SiteB you have 2500 users and the > sites > are connected via a 2Gbps private link. SiteA contains 1 DC and SiteB > contains 5 DCs. > > Now although the sites are well-connected it makes geographical sense to > know that the SiteA users are authenticated locally and the SiteB users > are > authenticated locally - so logically they are split into two AD sites. > > What we're looking to achieve then is to bring the replication time down > between these two sites. The shortest time for inter-site replication > appears > to be 15mins - but I have heard that it can be brought down to something > less..... > > "Jorge de Almeida Pinto [MVP]" wrote: > >> configure change notification on the site link. >> >> Insert the value 1 into the options attribute of the site link object in >> AD. >> Use ADSIEDIT for that >> >> -- >> >> Cheers, >> (HOPEFULLY THIS INFORMATION HELPS YOU!) >> >> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services >> >> BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx >> ----------------------------------------------------------------------------- >> * This posting is provided "AS IS" with no warranties and confers no >> rights! >> * Always test before implementing! >> ----------------------------------------------------------------------------- >> >> >> ----------------------------------------------------------------------------- >> "Graham C" <Grah***@discussions.microsoft.com> wrote in message >> news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... >> > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) >> > where >> > I'd like to contain the authentication traffic to within the >> > appropriate >> > site >> > but also drop the replication schedule to around 1 minute. Is there no >> > way >> > to >> > bring the schedule down for these well-connected sites and leave the >> > rest >> > at >> > 90 mins for example? >> >> >> That'll be a new pair of glasses for me then! :-)
Show quoteHide quote "Jorge de Almeida Pinto [MVP]" wrote: > I never said "the Options attribute for a given NTDS object " > > I did say: "options attribute of the SITE LINK object" > > configuring change notifications on the site link produces the same behavior > as intra site replication > > -- > > Cheers, > (HOPEFULLY THIS INFORMATION HELPS YOU!) > > # Jorge de Almeida Pinto # MVP Windows Server - Directory Services > > BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx > ----------------------------------------------------------------------------- > * This posting is provided "AS IS" with no warranties and confers no rights! > * Always test before implementing! > ----------------------------------------------------------------------------- > > > ----------------------------------------------------------------------------- > "Graham C" <Grah***@discussions.microsoft.com> wrote in message > news:2791E8A6-9349-42B6-B8B5-19DFE0A92DC6@microsoft.com... > > Hi, > > Thanks for the prompt response, although I don't think this is quite > > what > > I'm after. Placing a 1 in the Options attribute for a given NTDS object - > > is > > that not the same as setting the "IS_AUTO_TOPOLOGY_DISABLED" flag using > > repadmin? > > > > Take this scenario as an example... > > You have 2 sites (lets call them SiteA and SiteB) which are 200 miles > > apart. > > At SiteA you have 300 users and at SiteB you have 2500 users and the > > sites > > are connected via a 2Gbps private link. SiteA contains 1 DC and SiteB > > contains 5 DCs. > > > > Now although the sites are well-connected it makes geographical sense to > > know that the SiteA users are authenticated locally and the SiteB users > > are > > authenticated locally - so logically they are split into two AD sites. > > > > What we're looking to achieve then is to bring the replication time down > > between these two sites. The shortest time for inter-site replication > > appears > > to be 15mins - but I have heard that it can be brought down to something > > less..... > > > > "Jorge de Almeida Pinto [MVP]" wrote: > > > >> configure change notification on the site link. > >> > >> Insert the value 1 into the options attribute of the site link object in > >> AD. > >> Use ADSIEDIT for that > >> > >> -- > >> > >> Cheers, > >> (HOPEFULLY THIS INFORMATION HELPS YOU!) > >> > >> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services > >> > >> BLOG --> http://blogs.dirteam.com/blogs/jorge/default.aspx > >> ----------------------------------------------------------------------------- > >> * This posting is provided "AS IS" with no warranties and confers no > >> rights! > >> * Always test before implementing! > >> ----------------------------------------------------------------------------- > >> > >> > >> ----------------------------------------------------------------------------- > >> "Graham C" <Grah***@discussions.microsoft.com> wrote in message > >> news:052533F4-FB8A-46CB-B51A-80DFD44E1D5C@microsoft.com... > >> > We have some sites where we utilise a LAN Extension Circuit (2Gbp link) > >> > where > >> > I'd like to contain the authentication traffic to within the > >> > appropriate > >> > site > >> > but also drop the replication schedule to around 1 minute. Is there no > >> > way > >> > to > >> > bring the schedule down for these well-connected sites and leave the > >> > rest > >> > at > >> > 90 mins for example? > >> > >> > >> > > > 
Other interesting topics
Replication
ADAM - Domain Service Account V.S. Network Service User Login Time on windows 2000 profesional on Domain AD Disaster Recovery mapped drives at logon Number of users per container (OU) in ADAM / AD Fresh Install of ADAM SP1 - Can't install without doing an upgrade Problems locating PDC on win2k3 server Push domain account into Local computer user group? Clients get automatically locked |
|||||||||||||||||||||||
