|Lesson 3||Replication components |
|Objective|| Define the replication components and the KCC.|
Establishing a replication path for new domain controllers
When you add domain controllers to a site, there must be a method for establishing a replication path between them.
Active Directory accomplishes this with replication components and the (KCC)Knowledge Consistency Checker
Understanding the purpose of the replication components
In Active Directory, the KCC automatically configures the connections between domain controllers for replication.
You can change those connections and create new connections; however, you should understand the purpose of the replication components before you modify the physical structure.
The KCC is a built-in process on all domain controllers that creates, reviews, and makes modifications to the
Active Directory replication topology (replication plan) at specified intervals to ensure that complete replication occurs. The KCC creates connections to keep your replication topology intact without manual intervention, even in the case of extended failures and outages. However, these connections can be created manually if they are not correctly configured; the KCC enables replication via a series of objects. To understand how the KCC functions, you need to understand server objects and computer objects.
Server objects and computer objects
All computers running Windows 2000 in a domain are represented in Active Directory by a
When you create a domain controller, the Active Directory Installation Wizard creates a secondary object that is distinct from the computer object for that domain controller. This is called a server object.
The server object, replication, and site management
Although the server object contains a reference to the corresponding computer object, and both objects refer to the same computer, the properties of each object type are different. The table below lists some of the differences between computer objects and server objects:
| || The server object || The computer object |
| Use || Represents domain controllers only || Represents all computers |
| Function || To manage the domain controller specifically in replication and site management || To manage authentication of the identity of the computer and audit activities associated with it |
| Access || Via Active Directory Sites and Services || Via Active Directory Users and Computers |
The following page contains a series of images outlining server and replication objects.
Understanding Replication Objects
You now know that server objects represent domain controllers, and domain controllers are used to replicate database information between sites. Because sites are also based on subnets,
the site of the server object must be consistent with its IP subnet.
Where the necessary site object does not exist, the Active Directory Installation Wizard cannot place a server object in the proper location. To fix this problem, you must move a server object from one site to another to keep the server object's site consistent with its IP subnet. Replication starts with the server object and ends with the connection object.
NTDS settings object
As you saw above, the server object is the parent of an NTDS Settings object. The NTDS Settings object is a container for all connection objects for that server object and is created automatically when Active Directory is installed. The key to replication, however, is the connection object.
A connection object
represents a one-way replication path between two server objects and points to the replication source. Domain controllers that are linked by a connection object are replication partners.
Creating connection objects for full replication
In Windows 2000 networks, unlike in NT domains, every domain controller can accept changes to the Active Directory database.
This means it is very important that two-way replication take place, so that all of domain controller A's changes are copied to domain controller B, and vice-versa. To replicate directory information between two domain controllers fully, two connection objects are required.
The following SlideShow below reviews the replication path:
- To replicate directory information between domain controller A and domain controller B fully, two connection objects are required.
- One connection object enables replication from domain controller A to domain controller B
- This connection object exists in the NTDS settings object of domain controller B.
- A second connection object enables replication from the domain controller B to domain controller A.
- This second connection object exists in the NTDS settings object of the domain controller A.
The following link contains an image gallery describing Active Directory Connection Objects:
Creating Connection Objects
Methods of creating connection objects
To set up full replication, you need to create connection objects. There are two ways to create connection objects:
- Automatically by the KCC running on the destination domain controlle
- Manually by an administrator
In the next lesson, we will discuss intra- and intersite replication.
It is important that you be familiar with the steps required for complete replication between two domain controllers.
Click the link below to review this process for creating connection objects.
Creating Connection Objects
Knowledge Consistency Checker (KCC):
A built-in service that runs on all domain controllers and automatically establishes connections between individual machines in the same site.
Connection object: An object that represents a one-way replication path between two server objects and points to the replication source.