Re: smtp AD site Link versus IP AD Site Link
From: ptwilliams (ptw2001_at_hotmail.com)
Date: 02/22/05
- Next message: ptwilliams: "Re: slow logon on windows 2000 domain"
- Previous message: ptwilliams: "Re: Roamin Profiles"
- In reply to: Int'l Aromatics: "Re: smtp AD site Link versus IP AD Site Link"
- Next in thread: Int'l Aromatics: "Re: smtp AD site Link versus IP AD Site Link"
- Reply: Int'l Aromatics: "Re: smtp AD site Link versus IP AD Site Link"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 22 Feb 2005 18:07:17 -0000
> if i use SMTP link will i be able to create new users and have them user
> resources (Exchange,...etc) on the other domain?
The Intersite replication transport has no bearing on normal useage, e.g.
authetication, file acces, etc. If you have a user in one domain, and you
wish for them to access resources in the parent domain, this isn't an issue;
nor is it done via SMTP. In this case it would probably be SMB over IP or
SMB over NetBT over IP (depending on which port responded quickest).
> i checked DNS using nslookup & it OK i have AD Zones, while users in DC3
> could easily log to resources in Site 1 & DC1, oppiste is not true.
What kind of tests did you run? Normal name to IP resolution doesn't cut
it. Try this:
C:\>nslookup
>set type=srv
>_ldap._tcp.dc._msdcs.forest_root_domain.com
> as i said i ran dcdaig & netdiag, ..etc and all came successfully on both
> DCs
Sounds good!
> i also see all records are in place both DNS AD zones, and DDNS is enabled
> using secure updates
Looking promising...
> if its not SMTP what could be the problem to have have access to both DCs
> from both Sites while keeping AD replication reliable ?
Err...not quite sure what you mean here. SMTP is fine for enterprise
replication (forest replication). If you are having problems accessing
resources in one domain, and name resolution *is* fine from the server side,
then have you enabled multiple DNS suffixes for the parent domain?
Remember, that by default, the parent will not try appending domain-name.com
and then child.domain-name.com without manual intervention.
Also, firewalls and the like will seriously disrupt services.
> PS: i tried AD Sizer its nice but didn't give the data i need like what
> latency would be accpeted,
Bandwidth,.....
Ah well...you can't win 'em all ;-)
The issue that you are discussing now is a bit different to that of the
original post. This is why I'm focusing on DNS...
Can you re-clarify the exact problems you are having now that I've hopefully
explained SMTP's role in all this?
-- Paul Williams http://www.msresource.net/ http://forums.msresource.net/ "Int'l Aromatics" <IntlAromatics@discussions.microsoft.com> wrote in message news:AD3A01B7-2FCE-4502-AA46-C14D29619056@microsoft.com... it seems i am missing something here if i use SMTP link will i be able to create new users and have them user resources (Exchange,...etc) on the other domain? i checked DNS using nslookup & it OK i have AD Zones, while users in DC3 could easily log to resources in Site 1 & DC1, oppiste is not true. as i said i ran dcdaig & netdiag, ..etc and all came successfully on both DCs i also see all records are in place both DNS AD zones, and DDNS is enabled using secure updates if its not SMTP what could be the problem to have have access to both DCs from both Sites while keeping AD replication reliable ? PS: i tried AD Sizer its nice but didn't give the data i need like what latency would be accpeted, Bandwidth,..... "ptwilliams" wrote: > As they're different domains, SMTP replication will replicate everything > that is needed to be replicated (enterprise partitions and GC). The > domains > will replicate using RPC/IP themselves. > > I don't think lack of replication is your issue. > > However, if the child domains aren't authenticating, etc. then this > suggests > DNS problems. If you have poor lines, you should ensure that each > physical > site is an AD site and that there's local resources on each site, > especially > DNS. You will probably benefit from delegating the child domains to DNS > servers in the child domains. > > As for minimum bandwidth, AD's pretty robust with slow links; it tends to > fall over, like most networking apps, with noisy or high-latency lines. > I've happily run AD over 64Kb ISDN with no issues -even pushed software, > etc. There's a free tool on MS' site called AD Sizer. Have a look for > this; it will indicate type of connectivity based on user, etc. > > Herb probably has a lot of these facts burned into his brain from his MS > days... > > There's some serious, and interesting info. available on how much traffic > replication, logon, etc. generates; as is there on NTDS sizes, etc. > > -- > > Paul Williams > > http://www.msresource.net/ > http://forums.msresource.net/ > > "Int'l Aromatics" <IntlAromatics@discussions.microsoft.com> wrote in > message > news:5A2C3996-A82C-4EE7-8A78-7EAC30FB942E@microsoft.com... > hi, > > i used SMTP site link when i failed to getting working using IP site link, > i > understand that not everything is being replicated as that what i was > trying > to find a work around. > > i created a child domain as this a subsdiary of our company and they have > everything independant from us, and also SMTP site Link is giving me no > choices. > > "Ryan Hanisco" wrote: > > > And remember that SMTP does not replicate everything. Use IP if at all > > possible. You get more scheduling flexibility and better error checking > > this way. > > > > While Child-domains should only be used in specific circumstances, you > > would > > really want to consider this with foreign servers. Local laws can force > > monitoring and permissions that you don't want at your core. > > > > -- > > Ryan Hanisco > > MCSE, MCDBA > > FlagShip Integration Services > > > > "Int'l Aromatics" <IntlAromatics@discussions.microsoft.com> wrote in > > message > > news:69254B85-043F-46E4-A1AA-82791F24851B@microsoft.com... > > > your help is greatly needed because i have a forest with several child > > > domains, as for site 1 & 2 they are connected with IP links & working > > > fine > > > but site 1 & 3 they are connected with SMTP as when i used IP > > > replication > > > failed as the network connection is not stable. > > > > > > now with SMTP replication is OK but when i try logging in with > > > enterprise > > > admin account i failed with an error stating that "Access is denied" > > > thus > > > preventing me from changing any setting that need enterprise admin > > > rights > > > like DNS, exchange, .... > > > > > > i have another site to be added soon and it will be using the same > > > network > > > connection thus i expect same problems, and that site is overseas, > > > which > > > make > > > even harder. > > > > > > help is really apperciate but i hope i get some reply soon > > > > > > -- > > > Eng. M William > > > > > > > > >
- Next message: ptwilliams: "Re: slow logon on windows 2000 domain"
- Previous message: ptwilliams: "Re: Roamin Profiles"
- In reply to: Int'l Aromatics: "Re: smtp AD site Link versus IP AD Site Link"
- Next in thread: Int'l Aromatics: "Re: smtp AD site Link versus IP AD Site Link"
- Reply: Int'l Aromatics: "Re: smtp AD site Link versus IP AD Site Link"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
