Re: MS ADAM/AD: Absolute simplest repl/sync solution for MS ADAM on 2 or more WinXP machines?

From: Al Mulnick (amulnick_No_SPAM_at_ncDOTrr.com)
Date: 12/31/04


Date: Fri, 31 Dec 2004 12:07:02 -0500

I think it should be pointed out the ability to scale with this. Or rather
the difficulty in scaling.
I would think you could look at it like this: The replication requires
connectivity.

You'll be connected to whatever centralized instance you are running. What
makes it more useful to put the instance local? You'll now have to manage
many more db's than you previously wanted to and you'll have to replicate
the entire data set at some point as well as be worried about instances
being up to date, especially those that are on and off the network. Is it
worth it to the app? (You may have already asked these questions, but..)

LDAP is a great protocol (so's its parent, DAP). Brilliant in many
respects. The concept tends to work best when there's a centralized
directory service for clients to query as needed. Replacing the local
directory for an app is great, but I think it lends itself to replacing it
with a centralized, more easily managed directory vs. replacing a local
directory with a local directory.

Personally, I wouldn't want the headache of multiple workstations needing to
worry about replication. That'd be like trying to herd kittens in most
instances.

What other options do you have besides local LDAP stores?

"Michael Herman (Parallelspace)"
<mwherman@parallelspace.$nospam$.net.$please$> wrote in message
news:esmvqo07EHA.1392@tk2msftngp13.phx.gbl...
> Thanks Lee,
>
> Each client instance of ADAM will be used by a single user on that WinXP
> box. (Scenario: Smart client app talking to a local instance of a
> replicated ADAM "database".)
>
> I was hoping to find a simpler repl/sync solution than the typical AD
> solution.
>
> Michael.
>
>
> "Lee Flight" <lef@le.ac.uk-nospam> wrote in message
> news:u5FacLz7EHA.1452@TK2MSFTNGP11.phx.gbl...
>> Between XP clients with no external firewall you would want them
>> to be members of the same configuration set. The level of replication
>> security you can achieve will be a function of them being joined to a
>> domain or not. See
>>
>> ADAM Help
>> Understanding ADAM
>> Replication and Configuration Sets
>>
>> If you are running on WinXP you may also have to configure the Windows
>> firewall to allow replication (I have not tested that).
>>
>> Machines separated by an external firewall are going to require more work
>> but is fairly well documented for AD
>>
>> http://www.microsoft.com/downloads/details.aspx?FamilyID=c2ef3846-43f0-4caf-9767-a9166368434e&DisplayLang=en
>>
>> and numerous KB articles. Again domain membership or otherwise is going
>> to determine the options for IPSEC if you choose that route.
>>
>> Finally, and with regard to an AD mindset, it's worthwhile reviewing the
>> differences between WinXP and W2003 ADAM support:
>>
>> ADAM Help
>> Administering ADAM
>> Running ADAM on WinXP
>>
>> and, if memory serves, I think you have a concurrent connection limit of
>> 10
>> connections under WinXP SP2.
>>
>> Lee Flight
>>
>> "Michael Herman (Parallelspace)"
>> <mwherman@parallelspace.$nospam$.net.$please$> wrote in message
>> news:eGlVQAt7EHA.2196@TK2MSFTNGP11.phx.gbl...
>>> Sorry Lee.
>>>
>>> I'm interested strictly in ADAM to ADAM repl/sync of client application
>>> data between WinXP clients (no AD or AD identity information ...and
>>> ideally without having to use a central server).
>>>
>>> Re: for production infrastructure you would want a W2003 server based
>>> ADAM instance
>>>
>>> It all depends on your functional requirements and design goals. It's
>>> too easy to get locked into an AD mindset when thinking about ADAM.
>>> :-)
>>>
>>> Michael.
>>>
>>>
>>> "Lee Flight" <lef@le.ac.uk-nospam> wrote in message
>>> news:OYebH%23r7EHA.2156@TK2MSFTNGP10.phx.gbl...
>>>> Hi
>>>>
>>>> can you expand a bit on "repl/sync" is that ADAM replication within a
>>>> configuration set or are you asking about sync'ing AD data into ADAM?
>>>>
>>>> As you mention AD in your subject, clearly there is no AD to ADAM
>>>> replication possible. Also for ADAM configuration sets replication is
>>>> RPC based, there is no SMTP option according to the documentation.
>>>>
>>>> The general guideline for ADAM usage on WinXP is as a developer
>>>> tool or personal data store, for production infrastructure you would
>>>> want a W2003 server based ADAM instance.
>>>>
>>>> Lee Flight
>>>>
>>>> "Michael Herman (Parallelspace)"
>>>> <mwherman@parallelspace.$nospam$.net.$please$> wrote in message
>>>> news:%23qnQEsr7EHA.2124@TK2MSFTNGP15.phx.gbl...
>>>>> What is the absolute simplest repl/sync approach for MS ADAM running
>>>>> on 2 (or more) WinXP client machines for the following 2 scenarios:
>>>>>
>>>>> 1. Two or more machines on the same LAN?
>>>>>
>>>>>
>>>>> 2. Two or more machines separated by a firewall? Specifically for the
>>>>> latter, I want to avoid the "Swiss cheese" firewall approach. Is the
>>>>> SMTP-based replication reliable, reasonable and easy-to-setup?
>>>>>
>>>>>
>>>>> I'm open to third-party solutions as well as the possibility of having
>>>>> a server-based ADAM replica in a DMZ.
>>>>>
>>>>> Cheers (and Happy New Years),
>>>>> Michael Herman
>>>>> Parallelspace Corporation
>>>>> Developers of Advanced Business Collaboration Solutions for Microsoft
>>>>> SharePoint, Microsoft Live Communications Server, Active Directory and
>>>>> Groove Workspace
>>>>> Portal and Content Migration Specialists:
>>>>> http://www.parallelspace.net/sharepoint
>>>>> SharePoint Migration Knowledge Center:
>>>>> http://groups.yahoo.com/group/sharepointmigration
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
>


