Under Windows Server 2003, Active Directory replication is greatly improved. One of the most significant improvements to AD replication is the feature known as linked value replication. This feature allows individual or single values from a multi-value AD object to be replicated instead of forcing the whole object's collection of values to be replicated. This means that only the changes are transferred, rather than the entire object, which greatly reduces replication overhead, especially for large and complex objects. For example, adding a few members to a global group of 3,000 does not require all 3,003 user names to be transmitted to the other domain controllers. Instead, linked value replication lets you transmit only the three new names, which provides improved efficiency, speed and reliability.
By changing the way AD objects replicate, Microsoft was able to remove the maximum size limitation for AD objects.
Requires Free Membership to View
When you register, my team of editors will also send you the latest expert resources covering pertinent IT topics such as Windows server backup and recovery, server administration, storage management, infrastructure security, virtualization, Hyper-V, Active Directory and Group Policy.
Cathleen A. Gagne, Senior Editorial Director
Before Windows Server 2003, AD objects, such as groups and sites, could only have 5,000 and 200 members, respectively. Now, there is no limit to the number of AD-controlled group members, and sites can have up to 5,000 members.Remember, to take full advantage of the improvements to Active Directory -- you must deploy Windows Server 2003 domain controllers only.
James Michael Stewart has co-authored numerous books on Microsoft, security certification and administration and is a regular speaker at NetWorld+Interop. Michael holds the following certifications: MCSE, MCT, CTT+, CISSP, TICSA, CIW SA, CCNA, MCSE NT & W2K and iNet+. He can be reached at michael@impactonline.com.
This was first published in April 2005