Ok - thinking over it it's understandable that IFM does not touch DNTs but rather use the backup as "default dit" to start from. Obviously you are not creating a default dit and open up a second dit to do a local sync. How are you handling server specific settings? Delete/change those right at the beginning of a IFM, then go ahead with the default replication to figure out the changes? Guess USNs and watermark vectors can be kept and are the same at the beginning of IFM.
However, thanks Eric and Dean for verification and additional thoughts. Ulf |-----Original Message----- |From: [EMAIL PROTECTED] |[mailto:[EMAIL PROTECTED] On Behalf Of Eric |Fleischman |Sent: Wednesday, April 19, 2006 4:39 PM |To: [email protected] |Subject: RE: [ActiveDir] User Accounts | |> DNTs are reusable in ESE, however ADs implementation does not allow |DNTs |> to be released / reused on a single server, and the database |will only |> "reuse" them if you recreate the DB by repromoting (cause |the data is |> replicated from other servers into a virgin ESE, and DNTs |are assigned |> from the beginning at this point). | |Basically, yes. Though I would point out, this is hardly |reusing DNTs...this is more starting over. :) For the sake of |clarity I would point out that such a re-promotion would need |to be over the wire and not IFM. IFM just picks up where the |last left off, as you are using the old database again, and so |the same AD level rules apply. | |~Eric | | |-----Original Message----- |From: [EMAIL PROTECTED] |[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B. |Simon-Weidner |Sent: Tuesday, April 18, 2006 11:40 PM |To: [email protected] |Subject: RE: [ActiveDir] User Accounts | |>* DNTs (to me) are _not_ a component of the directory | |IIRC they are like a (primary/foreign) key in a database. |Technically not needed by the database layer, and not needed |by the application, but needed to keep the data together for |the application. So if you look at AD from the outside it |won't be referenced, if you look at ESE it's just a DB and |doesn't care about the data stored within, but you still need |it in between to store the AD in the ESE. |Right? | |>* DNTs are not reusable | |Unique per Server and don't provide any reference across |servers. If AD looks for a parent object by looking up it's |known DNT (stored with the child), ESE would fail in that |moment, AD would not able to go to another server and look up |the same DNT in it's database. The AD is distributed, the ESE |is local, and DNTs are part of the local table. | |If I understand correctly: |DNTs are reusable in ESE, however ADs implementation does not |allow DNTs to be released / reused on a single server, and the |database will only "reuse" |them if you recreate the DB by repromoting (cause the data is |replicated from other servers into a virgin ESE, and DNTs are |assigned from the beginning at this point). | |Right? | |Gruesse - Sincerely, | |Ulf B. Simon-Weidner | | MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz | Weblog: http://msmvps.org/UlfBSimonWeidner | Website: http://www.windowsserverfaq.org | Profile: |http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B48 9-F2F1214 |C811 |D | | | ||-----Original Message----- ||From: [EMAIL PROTECTED] ||[mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells ||Sent: Wednesday, April 19, 2006 1:18 AM ||To: Send - AD mailing list ||Subject: RE: [ActiveDir] User Accounts || ||Inline is my take on an IM conv. Brett and I just had, the result and ||content of which turned up some interesting (to me at least) ||implementation details. The short story is - || ||* DNTs (to me) are _not_ a component of the directory || - they _are_ a component of the layer that bridges the |two (dblayer) || - to Brett, I believe he sees them within the sum of |"what is the ||directory" ||* DNTs (to both Brett and I) are not part of ESE ||* DNTs are limited (as Eric says) to 2^31 (~2.1 billion rows) ||* DNTs are not reusable || ||I hope the summary and conversational text inline proves useful. || ||-- ||Dean Wells ||MSEtechnology ||* Email: [EMAIL PROTECTED] ||http://msetechnology.com || || || ||> -----Original Message----- ||> From: [EMAIL PROTECTED] ||> [mailto:[EMAIL PROTECTED] On Behalf Of ||Brett Shirley ||> Sent: Tuesday, April 18, 2006 5:11 PM ||> To: [email protected] ||> Cc: Send - AD mailing list ||> Subject: RE: [ActiveDir] User Accounts ||> ||> ||> Dean, I didn't understand this comment ... ||> > But, dude, seriously, you weren't aware that AD's ESE ||used a 32 bit ||> DNT? ||> > Methinks perhaps you're muddling in the realms of personal ||> interpretation > ... though I'm quite certain you'll argue |that too ||> ... ESE purist :0p ||> ||> Are you claiming that ESE knows what a DNT is? || ||Not at all ... but IMO, neither does the directory ... and |per our IM, ||the dblayer knows what they are (after all, DNT = distinguished name ||tag ... ||blatantly not an ESE term ... and dblayer = database layer ... ||not a directory term ... hmmm) || ||> A DNT is an entirely AD concept, ESE has no idea what a DNT is. || ||Nod. || ||> ESE also has no concept of linked-values, or the link_table. || ||Now this was news to me, so here's the summary: ESE has tables ||+ columns + indices over columns. The dblayer forms the ||bridge between two technologies, one molding the behavior of |the other ||(dblayer molds ESE). ||ESE maintains no referential integrity, the dblayer does this ... ||including link-pairs <-- this part was especially surprising to me. || ||> This is the 2nd time you've confused the AD dblayer (what maintains ||> the AD schema on an ESE ||> database) and the ESE database layer. || ||Don't know that I'd agree with that since on neither occasion was the ||dblayer specifically referenced .. but it's moot for the moment since ||I'm still mulling over whether my new-found knowledge pertaining to ||link-pairs influences my opinion on where DNTs lie; directory or ||database. || || || ||List info : http://www.activedir.org/List.aspx ||List FAQ : http://www.activedir.org/ListFAQ.aspx ||List archive: ||http://www.mail-archive.com/activedir%40mail.activedir.org/ | |List info : http://www.activedir.org/List.aspx |List FAQ : http://www.activedir.org/ListFAQ.aspx |List archive: |http://www.mail-archive.com/activedir%40mail.activedir.org/ |List info : http://www.activedir.org/List.aspx |List FAQ : http://www.activedir.org/ListFAQ.aspx |List archive: |http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
