How Domain database replication works

Source: Internet
Author: User

Database File Location:


Site: a set of computers connected by high-speed, reliable links.


Multi-master replication: when data changes on one domain controller, that domain controller notifies the other domain controllers to synchronize. Synchronization takes place once every 15 s.

Emergency data: emergency (urgent) changes are synchronized immediately to the PDC host.


When the number of domain controllers in a domain changes (a domain controller is added or removed), the KCC process on the domain controller recalculates the Active Directory replication topology. KCC stands for Knowledge Consistency Checker; it does not appear in Task Manager's list of processes because it is part of the LSASS process. The KCC automatically calculates the topology that the domain controllers use for replication. When the number of domain controllers is small, the KCC tends to use a ring topology for Active Directory replication in the domain: when the Active Directory content of one domain controller changes, the change is not passed to all other domain controllers at the same time but is passed from one to the next along the ring designed by the KCC. For redundancy and efficiency, the KCC-designed topology is a double ring: each domain controller has two replication partners, and Active Directory replication runs in both directions, clockwise and counterclockwise.


To reduce replication latency: no more than 3 hops are allowed from the source DC to the destination DC.




AD DS replication between DCs in the same site uses change notification: 15 s after data changes on a DC, that DC notifies the other domain controllers. A DC that receives the notification sends a request for the updated data to the source DC if it needs it. Once the source DC receives the request, replication begins.
Replication partners:
Direct replication partner
Indirect replication partner


Data synchronization between different sites goes through bridgehead servers.


Replication conflicts: multiple domain controllers modify the same object at the same time, or one DC creates a user while another DC deletes the OU ...

The following items are checked in turn:
1 Version number: the number of times the object's attribute has been modified; the value starts from 1
2 Modification time: the time the object was modified on the different DCs; the later modification takes priority
3 GUID of the DC that modified the object: the GUIDs are compared by size; the GUID refers to the hardware value of the DC
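
The three checks above can be expressed as a single sort, shown here as an added example that is not part of the original page. The stamp objects, their property names and the GUID values are constructed for illustration, and comparing GUIDs as hex strings is an assumption of this sketch.

```powershell
# Added example: pick the winning write among conflicting attribute stamps.
# Property names (Dc, DcGuid, Version, ChangeTime, Value) are hypothetical.
function Resolve-ReplicationConflict {
    param([Parameter(Mandatory)][object[]]$Stamps)
    # Rule order from the list above: version, then time, then DC GUID.
    # Assumption: GUIDs are compared as 32-digit hex strings.
    $order = @(
        @{ Expression = { $_.Version };              Descending = $true },
        @{ Expression = { $_.ChangeTime };           Descending = $true },
        @{ Expression = { $_.DcGuid.ToString('N') }; Descending = $true }
    )
    $Stamps | Sort-Object -Property $order | Select-Object -First 1
}

function New-Stamp($Name, $DcGuid, $Version, $Time, $Value) {
    [pscustomobject]@{
        Dc = $Name; DcGuid = $DcGuid; Version = $Version
        ChangeTime = $Time; Value = $Value
    }
}

# Constructed sample data: two DCs writing the same attribute.
$dcA = [guid]'11111111-1111-1111-1111-111111111111'
$dcB = [guid]'22222222-2222-2222-2222-222222222222'
$t   = [datetime]'2024-01-01T10:00:00'

$cases = [ordered]@{
    'Different versions'       = @(
        (New-Stamp 'Server01' $dcA 3 $t.AddSeconds(5) 'Sales'),
        (New-Stamp 'Server02' $dcB 4 $t 'Finance'))
    'Same version'             = @(
        (New-Stamp 'Server01' $dcA 4 $t.AddSeconds(5) 'Sales'),
        (New-Stamp 'Server02' $dcB 4 $t 'Finance'))
    'Same version and time'    = @(
        (New-Stamp 'Server01' $dcA 4 $t 'Sales'),
        (New-Stamp 'Server02' $dcB 4 $t 'Finance'))
}

foreach ($case in $cases.GetEnumerator()) {
    $winner = Resolve-ReplicationConflict -Stamps $case.Value
    '{0}: write from {1} wins, value "{2}"' -f $case.Key, $winner.Dc, $winner.Value
}
```

On a domain controller the same three fields can be read per attribute with `Get-ADReplicationAttributeMetadata` (Version, LastOriginatingChangeTime, LastOriginatingChangeDirectoryServerInvocationId).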


Example: create a user jinning on Server01, make an AD backup, then delete the user and restore the AD backup. Is the user restored successfully?

Step 1: Create the user in Active Directory Users and Computers.
Step 2: Make an AD backup with Windows Server Backup.
Step 3: Delete the user.
Step 4: Boot into Directory Services Restore Mode and restore.
Step 5: Restart the computer after the restore.
Step 6: Check whether the deleted user has been restored: the restore is unsuccessful.


You must perform an authoritative restore: manually increase the attribute version value of the object
Step 1: Create the user in Active Directory Users and Computers.
Step 2: Make an AD backup with Windows Server Backup.
Step 3: Delete the user.
Step 4: Boot into Directory Services Restore Mode and restore.
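
The authoritative step itself is not shown on the page; one way to perform and verify it is sketched below as an added example, not the original author's procedure. The distinguished name is a placeholder (the page gives the user name jinning but not the domain), and the function names are hypothetical.

```powershell
# Added example. Placeholder DN: replace DC=example,DC=com with the real domain.
$dn = 'CN=jinning,CN=Users,DC=example,DC=com'

# Phase 1: run in Directory Services Restore Mode, after the backup has been
# restored and before the DC is restarted in normal mode. ntdsutil marks the
# object authoritative by raising the version numbers of its attributes, so
# the restored copy wins the version check on every other DC.
function Invoke-AuthoritativeRestore {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    ntdsutil 'activate instance ntds' 'authoritative restore' `
        "restore object $DistinguishedName" quit quit
}

# Phase 2: run after the normal restart, once replication has had time to
# complete. Lists, per DC, the attributes with the highest version numbers
# and the DC that originated them; every DC should report the same values.
function Get-RestoredObjectVersions {
    param([Parameter(Mandatory)][string]$DistinguishedName)
    Import-Module ActiveDirectory
    foreach ($dc in (Get-ADDomainController -Filter *)) {
        Get-ADReplicationAttributeMetadata -Object $DistinguishedName -Server $dc.HostName |
            Sort-Object -Property Version -Descending |
            Select-Object -First 3 -Property @{ Name = 'QueriedDc'; Expression = { $dc.HostName } },
                AttributeName, Version, LastOriginatingChangeTime,
                LastOriginatingChangeDirectoryServerIdentity
    }
}

# Usage:
#   Invoke-AuthoritativeRestore -DistinguishedName $dn     # in DSRM
#   Get-RestoredObjectVersions  -DistinguishedName $dn     # after reboot
```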


Operations master: FSMO
Operations master roles:
RID master, PDC, infrastructure master, domain naming master, schema master

RID master: used to generate user SIDs. SID = domain (local machine) ID + RID

To view the user SID:

PDC Host:
1. Compatible with legacy operating systems (NT)
2. Accelerating replication of emergency data
3. Intra-Domain time synchronization

All clients in the domain synchronize time with the PDC master of the domain

Domain naming master: maintains the uniqueness of domain names when a domain is created or deleted

Schema master: stores the attributes of the objects in the entire schema

Infrastructure master: maintains updates for cross-domain objects, for example a user in domain A joining a group in domain B


Domain level: the RID master, PDC host and infrastructure master exist in each domain
Forest level: the domain naming master and schema master exist once per forest

Find FSMO
Graphical interface:

Command line:

Example: Finding the FSMO in the current domain through the graphical interface
RID, PDC, infrastructure:

Domain naming master:
Active Directory Domains and Trusts

Schema master:
Run the command regsvr32 schmmgmt.dll to register the schema master's dynamic link library file

Run: mmc


Example: Viewing the FSMO in the current domain from the command line
netdom query FSMO

Example: Transferring the operations master
Three ways:
1. Graphical interface

Transferring the operations master from SERVER01 to Server02

2. NTDSUTIL
Transferring the operations master from Server02 to Server01

3. Demote the DC where the operations master resides
Transfer the operations master to another DC by demoting the DC


Seizing FSMO roles
Used when the operations master cannot be contacted
Example: Seizing the FSMO roles on Server01
Preparation: the existing operations master is unavailable; the other DC (SERVER01) seizes the roles

With ntdsutil

The original operations master must not be brought back into the domain
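
The lookup, transfer and seizure described above can also be done with the ActiveDirectory PowerShell module. The following is an added example, not taken from the original page; the function names are hypothetical, and the LDAP port check is this sketch's own way of deciding whether the current holder can be contacted.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT) and sufficient rights.
Import-Module ActiveDirectory

# Returns the current holder of each of the five operations master roles.
function Get-FsmoHolders {
    $domain = Get-ADDomain
    $forest = Get-ADForest
    [ordered]@{
        PDCEmulator          = $domain.PDCEmulator
        RIDMaster            = $domain.RIDMaster
        InfrastructureMaster = $domain.InfrastructureMaster
        DomainNamingMaster   = $forest.DomainNamingMaster
        SchemaMaster         = $forest.SchemaMaster
    }
}

# Transfers every role to $Target. A role is seized (-Force) only when its
# current holder does not answer on LDAP and -AllowSeize was given explicitly.
function Move-FsmoSafely {
    param(
        [Parameter(Mandatory)][string]$Target,
        [switch]$AllowSeize
    )
    foreach ($entry in (Get-FsmoHolders).GetEnumerator()) {
        $role   = $entry.Key
        $holder = $entry.Value
        if ($holder -eq $Target -or $holder -like "$Target.*") { continue }

        $online = Test-NetConnection -ComputerName $holder -Port 389 -InformationLevel Quiet
        if ($online) {
            # Normal transfer: the old holder takes part and hands the role over.
            Move-ADDirectoryServerOperationMasterRole -Identity $Target -OperationMasterRole $role
        } elseif ($AllowSeize) {
            Write-Warning "$holder unreachable: seizing $role. Do not return $holder to the domain."
            Move-ADDirectoryServerOperationMasterRole -Identity $Target -OperationMasterRole $role -Force
        } else {
            Write-Warning "$holder unreachable: $role left in place (rerun with -AllowSeize)."
        }
    }
}

# Usage, with the server names from the page:
#   Get-FsmoHolders
#   Move-FsmoSafely -Target Server02                # transfer
#   Move-FsmoSafely -Target Server01 -AllowSeize    # seize if the holder is gone
```

Recording the output of `Get-FsmoHolders` on a schedule also gives a baseline against which an unplanned role change can be noticed.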
