Active Directory Intersite Replication

September 9, 2010 at 05:36:33
Specs: Windows Vista
Hello Everyone,

My name is Yekini and I just joined this forum today. I have been studying Active Directory in server 2003/2008 for some time now and so far, everything has been going great. Until I started studying and trying to master inter-site replications in Active Directory Sites & Services. Yes, we have intra-site and inter-site replications. In a nutshell, I completely I understood the whole concepts and configurations that needs to be down in Active Directory Sites & Services in order to implement inter-sites replications. (Note: Just on the Domain Controller & nothing else)

I also understand with my basic fundamental principle of TCP/IP addressing system, private IP addresses scheme are non-routable on the public network (internet) unless a default gateway is created and configured to allow private networks to route traffic to the internet.

This is my question:

Supposing I'm having a domain controller (DC1) in Japan with say network and DC2 in New York with say network. We know that these are all private class IP addresses.

To tell you what knowledge I have now is: I can create sites, subnets, site links, bridgehead servers and all that good stuff in Active Directory Sites & Services. I have no problem with intrasite replications since this is done automatically.

Now, this is the problem:

Now, after creating all that good stuff in Active Directory Sites & Services for intersite replications to take place,

1. Are some configurations supposed to be made on the individual networks (DC1&DC2) default gateways in order to pass this replications traffic?

2. Am I supposed to create a site to site vpn connection for the 2 locations? (Note: I just read this technology and it quite made sense, but some administrators use it as a backup instead of the mean WAN connections).

3. In a nutshell, what do I have to do in order to replicate data back and forth between these DCs?

I took this time in order to explain all these so that you can understand my problem and be able to help me out. Please assisting me in this direction would go a long way to enhancing my understanding in Active Directory Domain Services in Windows Server 2003/2008.

Thanks to you all in advance and I'm looking forward to hearing from you guys soon.



See More: Active Directory Intersite Replication

Report •

September 13, 2010 at 21:28:35
As long as the computers holding the FSMO roles can communicate with each other and resolve the names and SRV records via DNS you should be fine. This is assuming that routing is set up correctly. In a VPN the proper ports for LDAP, Kerberos, DNS, and other AD functions would need to be allowed.

This is more of a networking question than and AD implementation question. The servers will contact DNS to find the computers or services they need. The rest is up to your network configuration.

You would still want to set up the sites and subnets correctly, so that subnets are associated with the proper sites.

Report •

September 14, 2010 at 15:03:27
Thanks Glen.

You are very right this is more of a networking question than an AD implementation question. But this assumption about setting up routing correctly is quite confusing to me. Well, this is what I know about RRAS.
1. I can setup and configure NAT
2. VPN and site to site VPN
3. LAN Routing
That's all that I know I can confidently say I can do.

BUT, I'm still looking for materials to learn how to setup and configure a branch office in a different geographical area in RRAS.

Now, setting up a correct routing in RRAS to allow these geographically separated DCs to communicate to each other is the problem. I have not learn how to do that, and that is actually my main problem in the intersite replication.

Please if there is a way you could assist me by showing me how and where to do that (i.e., setting up routing to allow both DCs to communicate to each other) I would be very grateful. OR at least reference me to an online resource where I could learn on this.

Trust me I'm a fast learner


Report •
Related Solutions

Ask Question