Synchronization over WAN and Remote Area Service

Consideration should be given to the amount of traffic that account synchronization places on WAN or Remote Access Service (RAS) dial-up lines. Avoid full synchronizations across WAN links. Full synchronizations are required when first setting up a new PDC or bringing a new location online. Full synchronizations are also initiated when more than 2,000 changes happen to users or groups within a short time (less than one hour). If you anticipate high change activity, you can increase the value for the size of the change log. If the above conditions do not exist, the synchronization process will include only the changes made in the directory database since the last time synchronization occurred.

BDC Over a RAS Link

A BDC can be connected to a remote domain using Windows NT, a modem, and the Windows NT Server RAS.

Using a RAS-connected BDC as a PDC

If a RAS-connected BDC is expected to be promoted to PDC at some time when it is remotely connected to the domain, this BDC should be set up as a dial-out-only RAS client (RAS is not running on this computer). If you promote the RAS-connected client, NetLogon stops, changes roles, and restarts. RAS depends on NetLogon, so when NetLogon stops, you would lose your connection. By having the RAS client dial-out services on this remote BDC, it can function as a PDC because that functionality does not depend on NetLogon running constantly. If neither the RAS server (which could also be a BDC) nor the RAS-connected BDC are ever expected to serve as PDC, this is not an issue. A RAS-connected BDC that has been promoted to PDC will function as it should, but may respond more slowly, depending on line speed.

Partial Synchronization with a RAS-connected BDC

The default value for ChangeLogSize should be increased if either of the following conditions exist:

Changing the default log size may also be necessary if many changes occur while a BDC is off-line. Otherwise, that BDC may be forced to do a full synchronization of the database.

If few changes occur during the time a BDC is not connected to the PDC, then the default size is sufficient. If an administrator notices a BDC doing full synchronizations, then it is probably a good idea to increase the ChangeLogSize. The default value for ChangeLogSize is 64K, which handles approximately 2,000 changes.

Calculating Replication Times

Managing the amount of network traffic so that response time remains acceptable is an important part of administration. When the PDC is located across a WAN or modem link, you can estimate the amount of traffic and time needed to replicate directory database changes to and from the PDC and then schedule this traffic to meet the needs of the site. The following chart helps you calculate the time needed for replication:

Factors

Password changes per month

Number of user accounts

A

Passwords expire in how many (calendar) days

B

Divide B by 30

C

User account changes A + C

D

Additional changes per month

If number not knows, use 5% of D

E

New user accounts

F

Group changes * 4

G

New machine accounts * 5

H

Amount of data to be replicated per month

D + E + F + G + H

I

Total monthly replication time

Compute throughput; modern/line speed in bps, If in KB, multiply by 1024 (i.e. 56KB = 57344 bps)

J1

J1 * 8 bits/bytes =

J2

J2 * 60 sec./min. =

J3

J3 * 60 min./hour = total throughput

J

I/J = total replication time (hours/month)

K


Figure 2.10 Job Aid to Calculate Monthly Replication Time