I don't know about the nitty gritty details of the replication, but Domino
handles this sort of thing VERY well. (not iSeries tech, but if the Lotus
folks can figure it out, why can't Microsoft?).
"Lukas Beeler"
<l.beeler@datalin
e.ch> To
Sent by: "Midrange Systems Technical
midrange-l-bounce Discussion"
s@xxxxxxxxxxxx <midrange-l@xxxxxxxxxxxx>
cc
04/04/2007 10:10 Subject
AM RE: Windows Integration and
Longhorn
Please respond to
Midrange Systems
Technical
Discussion
<midrange-l@midra
nge.com>
No.
You talked about reusing an older hard drive image, not rebooting.
Rebooting won't cause an USN rollback.
You will have similar problems with every multi master replication
database. Of course, I would prefer it if AD would sort this kind of
thing out on it's own, but the world isn't perfect.
Can the System i do multi master replication for A/A clustering? I don't
know, but I would be interested to hear on how this kind of thing is
handled on the i.
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[
mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jones, John (US)
Sent: Wednesday, April 04, 2007 3:45 PM
To: Midrange Systems Technical Discussion
Subject: RE: Windows Integration and Longhorn
I understand what you're saying but I can't understand how fragile, no,
'crappy' is a better word, AD is if the mere act of rebooting an AD
server causes the environment to get messed up. Because that's what
you're saying: Reboot an AD and if any updates to the AD farm have
occurred during the reboot then the environment can't figure itself out
and gets messed up.
--
John A. Jones, CISSP
Americas Information Security Officer
Jones Lang LaSalle, Inc.
V: +1-630-455-2787 F: +1-312-601-1782
john.jones@xxxxxxxxxx
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[
mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Lukas Beeler
Sent: Tuesday, April 03, 2007 1:01 AM
To: Midrange Systems Technical Discussion
Subject: RE: Windows Integration and Longhorn
Hi John,
Okay, i will try it again.
Yes, i know it might seem foreign if you've never worked with Active
Directory before, but it's very important to know these implications.
(This is a simplified explanation, which is not 100% accurate)
Active Directory uses Multi master Replication, and you have multiple
Domain Controllers - a minimum of 2 per Site. All these Domain
controllers can make changes. Each of these changes is marked with the
server that did the changes, plus a USN from the server.
Let's assume the following:
You set up a new domain, join three more domain controllers to it,
create 100 objects on the first domain controller. Now, your USN counter
is at 100. The changes replicate to the other three controllers.
Now you make a backup of the first domain controller, using your nwsd.
You create 50 more objects. The USN counter of the server is now at 150.
Now you do a restore using an older copy of the nwsd.
The machine comes up, and has a USN counter of 100. Outbound changes
won't replicate, because other DCs think they've already seen the
changes (because you're reusing USNs). And the AD copy on the first DC
is inconsistent, because you don't get inbound replication for objects
you've created.
On W2003 SP1 and later you will get a message in your event log that
you're using an unsupported restore method.
At that point, you AD is an incoherent mess. If you only have one domain
controller (which is a very bad idea), then you won't have these issues,
because there's no replication.
-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx on behalf of Jones, John (US)
Sent: Tue 03.04.2007 05:38
To: Midrange Systems Technical Discussion
Subject: RE: Windows Integration and Longhorn
I did read the KB article but I fail to see how it applies. Activating
a restored or copied network server storage space is NOT considered a
restoration on the x86 side. All Windows (and by extension any apps
like AD) knows is that the server was shut down normally and was later
brought back up. I suggest you read up on how network servers and their
associated storage spaces are managed on the iSeries for a better
understanding.
As an Amazon Associate we earn from qualifying purchases.