Home | Windows | Network | Interview Questions | Database | Virtualization | Knowledge Base | Contact Us

Quick Links

Windows 2003 KB

Windows 2008 KB

Windows 2012 KB

Network KB

MS Cluster FAQ's

Knowledge Base Home



Command reference

Exchange Q&A




Active Directory FAQ's

AD History

Configuring New Domain

Deleted Object Recovery in AD

Global Catalog Server


NetDom Command

Replmon Command

NTDS Utility Guide

FSMO Guide

FSMO Failure

Network Interview Questions

SQL Interview Questions

Active Directory Trust

Group Policy Guide

IIS 6.0


RAID Levels

RPC Guide

Domain & Forest Functional Levels

SQL Failover Cluster

Understanding Replication Between Sites

Applies To Windows Server 2008, Windows Server 2008 R2, Windows Server 2012.

Active Directory Domain Services (AD DS) handles replication between sites, or intersite replication, differently than replication within sites because bandwidth between sites is usually limited. The Active Directory Knowledge Consistency Checker (KCC) builds the intersite replication topology using a least-cost spanning tree design. Intersite replication is optimized for bandwidth efficiency. Directory updates between sites occur automatically based on a configurable schedule. Directory updates that are replicated between sites are compressed to preserve bandwidth.

Building the intersite replication topology

AD DS uses information that you provide (through the Active Directory Sites and Services snap-in) about your sites and site links to build the most efficient intersite replication topology automatically. The directory stores the replication topology as connection objects, which the system creates automatically to form the replication topology both within sites and between sites. Connection objects identify replication partners for both intrasite replication and intersite replication.

These objects always represent one-way, inbound replication to the server that contains the object. The intersite replication topology is updated regularly to respond to any changes that occur in the network. You do not have to create or manage connection objects. However, you can control the timing of intersite replication through the information that you provide when you configure site link objects.


You can use Active Directory Sites and Services to administer the replication of directory data among all the sites in an Active Directory Lightweight Directory Services (AD LDS) configuration set.

Determining when intersite replication occurs

AD DS preserves bandwidth between sites by minimizing the frequency of replication and by making it possible for you to schedule the availability of site links for replication. By default, intersite replication across each site link occurs every 180 minutes (3 hours). You can adjust this frequency to match your specific needs. Be aware that increasing this frequency increases the amount of bandwidth that replication uses.

In addition to scheduling the frequency of replication, you can also schedule the availability of site links for replication. By default, a site link is available to carry replication traffic 24 hours a day, 7 days a week. You can limit this schedule to specific days of the week and times of day. For example, you can schedule intersite replication so that it occurs only after normal business hours, five days a week.

If you have multiple site links configured so that there is more than one route between two sites, you can configure the cost of replication on the site link to identify a preference for one route over the other.

Using replication transports

The default transport for AD DS replication within sites is Remote Procedure Call (RPC) over IP. RPC over IP is also used for intersite replication. The IP container in Active Directory Sites and Services contains objects that represent site links that use RPC over IP to package and transfer replication data between sites. To keep data secure while it is in transit between sites, RPC over IP replication uses both authentication (with the Kerberos version 5 (V5) authentication protocol) and data encryption.

When a direct or reliable IP connection is not available, you can configure replication between sites to use Simple Mail Transfer Protocol (SMTP). However, SMTP replication functionality is limited to nondomain replication (schema, configuration, and global catalog updates).

It also requires an enterprise certification authority (CA) when you use it over site links. SMTP is an optional component of Intersite Messaging. You must add it before you can use SMTP for replication. For more information about SMTP replication.


Intersite replication through a firewall or a virtual private network (VPN) requires some special considerations. For more information, see Active Directory in Networks Segmented by Firewalls.

AD Articles Windows FAQ's

HTML Comment Box is loading comments...

Home | Windows | Network | Interview Questions | Database| Knowledge Base | Contact Us


Designed by TechieBird