Question about AD Replication

  • Thread starter Thread starter barabba72
  • Start date Start date
B

barabba72

Hello all,

TechNet says this:

Active Directory replication does not rely on time to determine what
changes need to be propagated. It relies on the use of Update Sequence
Numbers (USNs) that are assigned by a counter that is local to each
domain controller. Because these USNs are local, it is easy to ensure
that they are reliable and never "run backwards". The trade-off is that
it is meaningless to compare a USN assigned on one domain controller
to a USN assigned on a different domain controller. The replication
system is designed with this restriction in mind.

What I don't get is the trade-off part of this statement. I really
don't get it. Could somebody rephrase this ?

Thank you.
Bar
 
Hello all,

TechNet says this:

Active Directory replication does not rely on time to determine what
changes need to be propagated. It relies on the use of Update Sequence
Numbers (USNs) that are assigned by a counter that is local to each
domain controller. Because these USNs are local, it is easy to ensure
that they are reliable and never "run backwards". The trade-off is that
it is meaningless to compare a USN assigned on one domain controller
to a USN assigned on a different domain controller. The replication
system is designed with this restriction in mind.

What I don't get is the trade-off part of this statement. I really
don't get it. Could somebody rephrase this ?
Click to expand...

You mean thath You don't get it how the USNs are used in replication
between different domain controllers - in short words. Each domain
controller which is a part of replication proces maintains a table with
highest USN replicated from each replication partner. This highest USN
from the remote DC is called high watermark for this DC.

I think this document will give You good overview of replication process:
http://www.windowsitlibrary.com/Content/155/07/2.html
 
Let me give a concrete example.

Say you are monitoring changes on one Domain Controller. You are watching what
is changing by watching the USNs change. If that DC goes down, and you decide to
start watching another domain controller. The same USNs you are watching on the
first DC will be different on the second DC. I.E. Change identified by USN
4567432 will be change 89876754344 on the other DC. This means that generally
you would need to do a resync from scratch on the second DC to start monitoring
for new changes again.

Another example is that you can not compare the USNs of two DCs to determine if
they are in sync with each other.
 
Back
Top