Streamline AD replication in Windows Server 2003

By James Michael Stewart, Contributor

In the past, replication often caused visions of slow behemoths attempting to traverse a tunnel even though their cargo was too tall. I'm sure you've heard the urban legend about the little girl who suggested deflating the tires of a semi-truck to lower it just enough to pass under an overpass for which it was just a few inches shy of clearing. Well, Active Directory replication under Windows 2000 Server seemed to function in much the same way . . . i.e. barely able to complete the necessary data transmission activities while often impeding network productivity.

Under Windows Server 2003, Active Directory replication is greatly improved. One of the most significant improvements to AD replication is the feature known as linked value replication. This feature allows individual or single values from a multi-value AD object to be replicated instead of forcing the whole object's collection of values to be replicated. This means that only the changes are transferred, rather than the entire object, which greatly reduces replication overhead, especially for large and complex objects. For example, adding a few members to a global group of 3,000 does not require all 3,003 user names to be transmitted to the other domain controllers. Instead, linked value replication lets you transmit only the three new names, which provides improved efficiency, speed and reliability.

By changing the way AD objects replicate, Microsoft was able to remove the maximum size limitation for AD

Requires Free Membership to View

objects. Before Windows Server 2003, AD objects, such as groups and sites, could only have 5,000 and 200 members, respectively. Now, there is no limit to the number of AD-controlled group members, and sites can have up to 5,000 members.

Remember, to take full advantage of the improvements to Active Directory -- you must deploy Windows Server 2003 domain controllers only.

James Michael Stewart has co-authored numerous books on Microsoft, security certification and administration and is a regular speaker at NetWorld+Interop. Michael holds the following certifications: MCSE, MCT, CTT+, CISSP, TICSA, CIW SA, CCNA, MCSE NT & W2K and iNet+. He can be reached at michael@impactonline.com.

This was first published in April 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.