Speeding up Active Directory Replication
Results 1 to 5 of 5

Thread: Speeding up Active Directory Replication

  1. #1
    Member n00bius's Avatar
    Join Date
    Mar 2005
    Location
    texas
    Posts
    86

    Red face Speeding up Active Directory Replication

    Quick question, my domain (for some ungodly reason) has four domain controllers, two in a blade chassis and two out. Wanted to know what I could do to speed up replication, Had an issue yesterday where we'd create an account and it took about a minute to reach that users login server...annoying. I mean i'd understand if there was a great deal of space between them, but they're in the same room, on the same gigabit switch...on the same subnet, what gives?
    ...:::Pure Kn0wledge:::...

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    One minute is considered normal replication time given your general description of your AD architecture. Have you considered what actually takes place when you add accounts in AD? It has to do quite a bit of writing and verifying when it sets up accounts. I'd recommend having a look at the technet whitepapers. Once you see that, you should feel better about the time it takes to populate the GC.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    Right turn Clyde Nokia's Avatar
    Join Date
    Aug 2003
    Location
    Button Moon
    Posts
    1,696
    One way to speed it up (although if it only takes a minute to replicate anyway you probably won't see a difference) is to host the GC on all domain controllers - MS say only one DC should be host the GC for various reasons, but if you have more than one then as long as all DC's have the GC local to it then there won't be any problems - unless you have Exchange installed on a DC - if you do, then this should not host the GC.

    This will reduce replication timings a little bit, but due to the way replication works (Inf master talking to the PDC etc) one miniute is considered pretty good.

    You can change it to replicate over IP instead of RPC in the AD Sites and Services too - this will help with speed.

    All of the above normally only really applies if you have drastic replication issues though (10 minutes or so)..
    Drugs have taught an entire generation of kids the metric system.

    http://tazforum.**********.com/

  4. #4
    Member n00bius's Avatar
    Join Date
    Mar 2005
    Location
    texas
    Posts
    86
    hmm, understood. What's the going rate for DC to User ratio? Like how many users would a network have to have to need more than two servers?
    ...:::Pure Kn0wledge:::...

  5. #5
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Very easy to determine.

    See figure 4.5

    http://technet2.microsoft.com/window....mspx?mfr=true
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Similar Threads

  1. Windows Error Messages
    By cheyenne1212 in forum Miscellaneous Security Discussions
    Replies: 7
    Last Post: February 1st, 2012, 02:51 PM
  2. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  3. The history of the Mac line of Operating systems
    By gore in forum Operating Systems
    Replies: 3
    Last Post: March 7th, 2004, 08:02 AM
  4. Tcp/ip
    By gore in forum Newbie Security Questions
    Replies: 11
    Last Post: December 29th, 2003, 08:01 AM
  5. Stack Overflow in Active Directory
    By thehorse13 in forum Microsoft Security Discussions
    Replies: 2
    Last Post: July 2nd, 2003, 11:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •