NTDS.DIT
EDB.Log
EDB.chk
AD changes are not written directly to the NTDS.DIT database file. They are first written to
EDB.Log and then from the log file to the database. EDB.chk is used to track the database updates
from the log file, so it is known which changes have been copied to the database file.
An Active Directory partition is how and where the AD information is logically stored.
Schema Partition – It stores details about objects and attributes. Replicates to all domain
controllers in the forest.
Configuration Partition – It stores details about the AD configuration, such as site,
site-link, subnet and other replication topology information. Replicates to all domain controllers
in the forest.
DN Location is CN=Configuration,DC=Domainname,DC=com
Domain Partitions – Object information for a domain, such as user, computer, group, printer and
other domain-specific information. Replicates to all domain controllers within a domain.
DN Location is DC=Domainname,DC=com
The Sysvol folder on a Windows domain controller is used to store the domain’s Group Policy
settings, default profiles and logon/logoff/startup/shutdown scripts. It is available in the
C:\Windows\SYSVOL directory on all domain controllers within the domain.
The Netlogon folder contains logon/logoff/startup/shutdown scripts and is inside the Sysvol folder.
Kerberos is a network authentication protocol. It is built to offer strong authentication for
server/client applications by using secret-key cryptography.
We cannot transfer the global catalog; we can only remove the global catalog from one
server and enable another server as a global catalog.
How to configure a global catalog server?
Go to Active Directory Sites and Services and expand down to the desired server’s NTDS
Settings, then right-click, choose Properties and check the Global Catalog check box.
RPC and SMTP. Predominantly RPC is used. SMTP is not used, as it is not
recommended for replication of the Domain Partition.
What is the difference between the two types of replication i.e. intrasite and
intersite?
Intersite replication is for replication within the site and intra-site replication is for the
replication between the sites.
Active directory sites, which consist of well-connected networks defined by IP subnets that help
define the physical structure of your AD, give you much better control over replication traffic
and authentication traffic than the control you get with Windows NT 4.0 domains.
Using Active Directory, the network and its objects are organized by constructs such as domains,
trees, forests, trust relationships, organizational units (OUs), and sites.
Schedule enables you to list the weekdays or hours when the site link is available for replication
to happen in the given interval. Interval is the recurrence of the intersite replication in the
given minutes. It ranges from 15 – 10,080 mins. The default interval is 180 mins.
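A read-only way to check the settings described above (which domain controllers are global catalogs, and each site link's transport and interval) from PowerShell. This is an added example, not part of the original notes; it assumes the ActiveDirectory module (RSAT) is installed and that the account can read the Configuration partition.

```powershell
# Added example: read-only inventory, changes nothing in the directory.
Import-Module ActiveDirectory

# Interval bounds and default as quoted in the notes above (minutes).
$MinInterval     = 15
$MaxInterval     = 10080
$DefaultInterval = 180

# Domain controllers of the current domain, with their site and whether the
# Global Catalog check box on their NTDS Settings object is enabled.
Get-ADDomainController -Filter * |
    Sort-Object Site, Name |
    Format-Table Name, Site, IsGlobalCatalog -AutoSize

# One row per site link: transport (IP, i.e. RPC, or SMTP), interval, cost, member sites.
$report = foreach ($link in Get-ADReplicationSiteLink -Filter *) {
    $interval = $link.ReplicationFrequencyInMinutes
    $notes = @()

    if ($interval -lt $MinInterval -or $interval -gt $MaxInterval) {
        $notes += "interval outside $MinInterval-$MaxInterval"
    }
    elseif ($interval -ne $DefaultInterval) {
        $notes += 'non-default interval'
    }
    if ("$($link.InterSiteTransportProtocol)" -eq 'SMTP') {
        $notes += 'SMTP transport'
    }

    # SitesIncluded holds distinguished names; keep only the site's own CN.
    $sites = $link.SitesIncluded |
        ForEach-Object { ($_ -split ',')[0] -replace '^CN=' }

    [pscustomobject]@{
        SiteLink    = $link.Name
        Transport   = $link.InterSiteTransportProtocol
        IntervalMin = $interval
        Cost        = $link.Cost
        Sites       = $sites -join ', '
        Notes       = $notes -join '; '
    }
}

$report | Sort-Object SiteLink | Format-Table -AutoSize -Wrap
```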
The KCC is a built-in process that runs on all domain controllers and generates replication
topology for the Active Directory forest. The KCC creates separate replication topologies
depending on whether replication is occurring within a site (intrasite) or between sites (intersite).
The KCC also dynamically adjusts the topology to accommodate new domain controllers,
domain controllers moved to and from sites, changing costs and schedules, and domain
controllers that are temporarily unavailable.