Configure the Lightweight Directory Service service - Part 7

Network Administration - In the final part of this series, we will introduce you to site linking objects, the process of creating copies between sites and some issues to consider in planning. disaster recovery.

Let's first learn about the site link object. Site link object is the logical structure of AD LDS like the network topology. Suppose we have created some AD LDS sites in three different cities - A, B and C. Assume that both A and B are connected to C with a WAN link, but there is no WAN link between A and B. You must then consider this topology when creating your site links. As a general principle, each site link should characterize the network connection (usually a WAN connection).

Define site link objects

Creating site objects is very simple. You only need to open Active Directory Sites and Services console, then right-click Active Directory Sites and Services , and select Change Domain Controller . When prompted, specify the name and port number of AD LDS server instance.

Once set up to connect to the AD LDS instance, navigate through the Active Directory Sites and Services | Sites | Inter-Site Transports | IP. On the IP section, you will see the default site link (DEAULTIPSITELINK), as shown in Figure A.

Configure the Lightweight Directory Service service - Part 7 Picture 1
Figure A: Navigate through the console tree to Active Directory Sites and Services |Sites |Inter-Site Transports |IP.

If you want to create a new site link, right-click on the IP entry and select the New Site Link command. When you perform this action, you will receive a prompt providing the name for the site link you are creating. Over time you can pile up many different site links because the organization will grow more and more. If this is the case, it is best to use the descriptive name for your site link.

When defining a site link, you will receive a request to specify which site will be grouped within the site link. As shown in Figure B. Remember, a fake site link is like a WAN connection and serves as a logical link between the two sites.

Configure the Lightweight Directory Service service - Part 7 Picture 2
Figure B: Provide the name for the new site link.

When you click OK , the new site link will be created.

Manage creating copies between sites

Now that we have created a site link connector, what I want to show you here is how to create a replication process between sites in an AD LDS environment. As mentioned earlier, creating replicas that appear through this site link occurs every 180 minutes (default). However, we can completely change this time to suit our needs.

To do so, right-click the site link you just created and select the Properties command from the menu that appears. At that time, Windows will display the properties page of the site link. As you can see in Figure C, the General tab of the properties page has an option that allows you to change the frequency of the replication process.

Configure the Lightweight Directory Service service - Part 7 Picture 3
Figure C: You can change the frequency of creating copies according to your needs

As shown in the figure above, you will see the properties page containing the Change Schedule button. When this button is clicked, Windows displays the schedule frame of the copy creation schedule, Figure D. It is possible to use the schedule to control the time of replication. For example, if you see a WAN bottleneck in peak times, you can configure the schedule so that sites only copy at other times.

Configure the Lightweight Directory Service service - Part 7 Picture 4
Figure D: Windows Server 2008 allows you to define a replication schedule

When observing the schedule shown in the image above, one of the things you will see is the schedule view that only allows you to enable or disable replication at a specific time of the day. The schedule has no option for changing the frequency of replication. The frequency of replication is controlled according to a global basis (for site links) on the property page of the site link. As such, there is no option to configure the site to copy more frequently during some times of the day and less in other time periods.

Some disaster recovery issues

Throughout this article series, I talked about Active Directory Lightweight Directory Services from a referral point of view. However, for real deployment, you definitely need to consider some of the following disaster recovery issues.

The first thing that I want to explain is that replication is not a complete replacement for backups.

Suppose you now have several copies of an AD LDS instance. If one of the copies on the hard drive fails, you will definitely not lose any functionality because there are alternative copies available. However suppose that the data you do not want to store is accidentally inserted into one of your AD LDS copies. Then this bad data will be copied to all other copies. The only way to restore the previous data state is to restore the backup.

Planning for Active Directory backup Lightweight Directory Services is really easy. You can backup an AD LDS instance by backing up a domain controller. Any backup application can be used to backup an AD LDS instance, including Windows Server Backup.

Most backup planning efforts focus on backup capacity and frequency. Depending on how the AD LDS instance is used, the instance can accumulate data very quickly. For example, performing a nightly backup for the instance is risky because if an error occurs, you may lose all data.

If you are afraid of this, you can implement the Continuous Data Protection solution, such as Microsoft's System Center Data Protection Manager. System Center Data Protection Manager can be configured to backup data every 15 minutes. Regardless of what backup solution you choose, you still need to ensure that it can support when the size of AD LDS instance increases.