|
Yeah,
I don't see why not.
If he can create sites, then couldn't he
create a site link from his remote offices to his HQ, and disable
site link bridging. This would let him leave his KCC
active.
John Witasick
Project Manager - Windows Networking Services
Group
----- Original Message -----
Sent: Wednesday, June 04, 2003 5:05
PM
Subject: RE: [ActiveDir] Replication
Problems...
>From Raymonds original post:
==
We do, at
least, have each of our remote sites with a different IP range
since the
network USED to be routed (long story short, our core processor
uses a
serial printing protocol that was not routable at the time)
==
So
I assume he could, without too much effort, create sites using
the
appropriate masks. The traffic still wouldn't be routed, but at least
AD
could group DCs into physical
locations.
-g
-----Original Message-----
From: Fugleberg,
David A [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 04, 2003
1:46 PM
To: [EMAIL PROTECTED]
Subject:
RE: [ActiveDir] Replication Problems...
If it's really bridged,
as in one big, happy IP subnet, how would you create
sites ? Maybe
I'm just confused...happens a lot lately. Dave
-----Original
Message-----
From: Roger Seielstad
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 04, 2003 3:03
PM
To: '[EMAIL PROTECTED]'
Subject:
RE: [ActiveDir] Replication Problems...
I *think* the default is
300 minutes, but can be configured down as low as
15
minutes.
--------------------------------------------------------------
Roger
D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis
Inc.
> -----Original Message-----
> From: Gil
Kirkpatrick [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 04, 2003
3:49 PM
> To: '[EMAIL PROTECTED]'
>
Subject: RE: [ActiveDir] Replication Problems...
>
>
>
Raymond,
>
> If you can set up meaningful sites (which I guess
you can),
> then a potential strategy would be to disable the ISTG at
> each site and set up manual connections between the remote
>
sites and one or more DCs at HQ. Ideally you would run DNS on
> each
of the DCs as well so that clients would keep DC
> location traffic
local. The only trick then would be to make
> sure that when a DC
fails at a remote site that the clients
> would select a DC at HQ for
authentication, instead of any
> random DC on the network. I wrote an
article for Windows&.NET
> magazine a few months ago about this
topic; it was in the
> March issue I think. There's a copy you can
D/L from our
> website:
> http://www.netpro.com/forum/files/authentication_topology.pdf.
>
> The replication schedule between sites is by default every
15
> minutes; not quie immediate, but good enough for most
>
purposes. Its configurable by defining the schedule on the
>
connection object in AD Sites&Services.
>
> HTH,
>
> -gil
>
>
>
> -----Original
Message-----
> From: Raymond McClinnis
[mailto:[EMAIL PROTECTED]
> Sent: Wednesday, June 04, 2003
11:50 AM
> To: [EMAIL PROTECTED]
>
Subject: RE: [ActiveDir] Replication Problems...
>
>
>
Gil,
>
> That's kind of what I was asking. I was thinking
I could
> just have all of the remote DC's pull from the DC's here at
> HQ, I just wasn't sure what problems I might run into. MS
> recommends using a site for each remote which makes sense,
>
but I wasn't clear on the time periods that sync would occur
>
during, or whether immediate changes would indeed be immediate.
>
>
> Thanks,
>
> Raymond
>
>
>
-----Original Message-----
> From: [EMAIL PROTECTED]
>
[mailto:[EMAIL PROTECTED] On Behalf Of Gil
>
Kirkpatrick
> Sent: Wednesday, June 04, 2003 10:59 AM
> To: '[EMAIL PROTECTED]'
>
Subject: RE: [ActiveDir] Replication Problems...
>
> Raymond,
Roger,
>
> Perhaps I'm missing the significance of a "bridged
WAN", but
> why not disable the KCC and create your own connection
> objects to control which DCs replicate with each other?
>
> -gil
>
> -----Original Message-----
> From:
Raymond McClinnis [mailto:[EMAIL PROTECTED]
> Sent:
Wednesday, June 04, 2003 9:06 AM
> To: [EMAIL PROTECTED]
>
Subject: RE: [ActiveDir] Replication Problems...
>
>
>
We do, at least, have each of our remote sites with a
> different IP
range since the network USED to be routed (long
> story short, our
core processor uses a serial printing
> protocol that was not
routable at the
> time) We are redesigning the network this year
so that we
> can unf#$%^ ourselves. But in the meantime changes
we make
> don't replicate, or un-replicate.
>
> On a
side note, our network has broken even the most
> confident of men,
the consultant that just left was "on top
> of his game" before he
worked on our network. But he left a
> broken and battered man
with a lot of self-doubt (and as a
> good friend).
>
> And if the guy who 'designed' this network were still here
>
Roger, having what you mentioned happen to him would be the
> LEAST
of his worries :-).
>
> Thanks again,
>
>
>
> Raymond McClinnis
> Network Administrator
> Provident
Credit Union
>
>
> -----Original Message-----
>
From: [EMAIL PROTECTED]
>
[mailto:[EMAIL PROTECTED] On Behalf Of
> Roger
Seielstad
> Sent: Wednesday, June 04, 2003 8:15 AM
> To: '[EMAIL PROTECTED]'
>
Subject: RE: [ActiveDir] Replication Problems...
>
> There are
no good topologies for a bridged WAN. Including the
> time I saw a
three building campus bridged by OC3 (155MBps)
> lines. Performance
was still an issue.
>
> Is there any logical segmentation that
can be done, such as
> each office has its own block of IPs? That
would allow you to
> create AD Sites and use that to control
replication traffic.
> Without that, I'd say you're screwed.
>
> I do think you should have your network engineer fired,
then
> shot, hung, and sent to the Russian Front!
>
>
Roger
>
--------------------------------------------------------------
> Roger
D. Seielstad - MTS MCSE MS-MVP
> Sr. Systems Administrator
>
Inovis Inc.
>
>
> > -----Original
Message-----
> > From: Raymond McClinnis
[mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, June 04,
2003 11:06 AM
> > To: [EMAIL PROTECTED]
>
> Subject: [ActiveDir] Replication Problems...
> >
> >
> > Hello all,
> >
> > Does anyone know a good
topology for a bridged WAN. Once everyone
> > picks
>
> up their jaws, I'll continue. We have approximately 18 DC's
> > at remote
> > sites on various low bandwidth lines
(from 384K to T-1). By default
> > all the servers are
trying to talk to each other and there have been
> > instances of
us removing users from groups and the user returning to
> > the
group.
> >
> > I had thought of pointing all the remote
controllers to the
> DC's here
> > at HQ. and having
the ones here at HQ talk amongst themselves. Is
> > this a
good idea, or is there a better solution. I appreciate any
>
> input y'all can give me.
> >
> >
> >
Thanks in Advance,
> >
> > Raymond McClinnis
> >
Network Administrator
> > Provident Credit Union
> >
> > List info : http://www.activedir.org/mail_list.htm
>
> List FAQ : http://www.activedir.org/list_faq.htm
>
> List archive:
> > http://www.mail-archive.com/activedir%>
40mail.activedir.org/
> >
> List info : http://www.activedir.org/mail_list.htm
>
List FAQ : http://www.activedir.org/list_faq.htm
>
List archive:
> http://www.mail-archive.com/activedir%>
40mail.activedir.org/
>
>
> List info :
> http://www.activedir.org/mail_list.htm
>
List FAQ : http://www.activedir.org/list_faq.htm
>
List archive:
> http://www.mail-archive.com/activedir%>
40mail.activedir.org/
>
> List info :
> http://www.activedir.org/mail_list.htm
>
List FAQ : http://www.activedir.org/list_faq.htm
>
List archive:
> http://www.mail-archive.com/activedir%>
40mail.activedir.org/
>
>
> List info :
> http://www.activedir.org/mail_list.htm
>
List FAQ : http://www.activedir.org/list_faq.htm
>
List archive:
> http://www.mail-archive.com/activedir%>
40mail.activedir.org/
>
> List info :
> http://www.activedir.org/mail_list.htm
>
List FAQ : http://www.activedir.org/list_faq.htm
>
List archive:
> http://www.mail-archive.com/activedir%>
40mail.activedir.org/
>
List info : http://www.activedir.org/mail_list.htm
List
FAQ : http://www.activedir.org/list_faq.htm
List
archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List
info : http://www.activedir.org/mail_list.htm
List
FAQ : http://www.activedir.org/list_faq.htm
List
archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List
info : http://www.activedir.org/mail_list.htm
List
FAQ : http://www.activedir.org/list_faq.htm
List
archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
This E-mail, including any attachments, may be intended solely for the
personal and confidential use of the sender and recipient (s) named above.
This message may include advisory, consultative and/or deliberative
material and, as such, would be privileged and confidential and not a
public document. Any Information in this e-mail identifying a client of
the department of Human Services is confidential. If you have received
this e-mail in error, you must not review, transmit, convert to hard copy,
copy, use or disseminate this e-mail or any attachments to it and you must
delete this message. You are requested to notify the sender by return
e-mail.
|
