Thanks for watching the video. You can access the list of videos via the play list or the web site. Adding numbers to the videos is an excellent idea which we will look into doing.
Just to point out that in Microsoft is all PULL technology, not PUSH. Meaning, if something changes within, it will not "SEND" data to other Domain Controllers. DC that has changes will NOTIFY their replication partners to come and pick up data. Thank you for brilliant series.
No you do not require a domain controller in order to set up a site. When you run DCPromo it will ask you for a site to put the domain controller in. For this reason I would always set up the site first so that the domain controller can be put in the correct site straight away without having to be moved later. You could even setup the domain controller in a different network for that site and ship it to the other site pre configured. Glad to hear you like the videos.
This channel is so extensive, there's never a single topic that isn't covered. Don't know if I should google things or just go to itfreetraining because I end up coming here regardless haha.
I watch and recommend your videos to everyone I know. Thank you for not telling lame jokes during your presentation like CBT Nuggets does. I can't watch their videos because of it. Keep up the great work!
This is perhaps the best video to learn about sites and replication. Appreciate your efforts for explaining with animation. This has certainly helped to learn the concepts. Glad I stumbled upon this...Great Work!!!!
You can set up a site without a DC in that site. You could add a DC later that day, a month, a year later or not at all. If there are no DC's at the site there is nothing to replicate to. If you want to apply group policy at the site level you would need to create a site in order to do this. This is one reason why you may create a site that does not have a DC in it.
You are incredible, I never watched that much simple video on replication topic, My all doubt have been cleared, Thank you so much. Please share videos on AD partitions and LDAP as well.
I have seen one time this video for learning AD replication... It was a fantastic video for online learning user.. Now i have get clear vision about AD replication. Thanks lot....
In most cases changes will not take effect until replication has occurred so you are correct. Account lockouts however are replicated straight away to the PDC emulator. So if the account is locked the PDC emulator will know about it straight away.
One of the best video I find in RUclips for Active directory Sites and Services, Video and Sound quality is very good, the speed of training was excellent, no rush at all like many other video. Beautiful and Excellent job. Many thanks in advance Only one comment, if the Video get tagged with number would be very easy to follow the training, for example why was mentioned in the beginning of video "my previous video" not sure which to look for. Thanks again. :))
Yes, SMTP is a better choice if your network is not very reliable. Just remember it does not not support file repletion so you will still need to use IP in some cases. However, there is no reason SMTP can't be the main protocol and IP mainly used for file replication. I would schedule the SMTP to run first and IP later to cover both bases. The SMTP would then replicate all the required AD traffic before IP ran. If you don't have much file rep, IP could be schedule IP rarely.
Host only should work. If the servers are on a different subnet you can also create a separate network for them.If you want to access the internet you will need a router. We have a video series coming up explaining how to do this. First attempt to ping the other server and make sure there is a network connection. Try running repadmin /Showrepl and see if there are any replication partners. If you have just prompted the server, it sounds like a DNS problem. Configure DNS to the other DC.
I am not sure what you are referring to. When you promote a server to a Domain Controller it will ask which site you want to put it in. You can always move it later on if you need to. I am guessing in this case we may have deleted all the sites before we did the demo and recreated them for the demo. For this reason the servers when back into the sites there were in before when the sites were recreated.That is all I can think of that may have caused what I think you are referring to.
Yes it is SMTP. The reason it was used was because the TCP/IP was not as established as it is today when Active Directory was first created. For this reason they needed a protocol that would work over links that were not connected via TCP/IP. Even though SMTP is still available, I doubt that is used much now days.
I assume that all your branches are connected directory to the office. If this is the case you need to set up a 6 links. One from each branch back to the main office. If the offices are connected to each other, you can also create site links between them for redundancy if you wish.The point to remember this the connections that you crate should mirror your network. For example if branch 4 was connected to branch 5 to the head office, you should create a link between 4 and 5 and 5 and office.
If for example an admin made the change, the change may be made on a Domain Controller that is different from what the user is using. If the user connects to a remote file server that server may decide it needs to authenticate the user or obtain details for the user it will contact a local Domain Controller. Laptop user changes network, e.g. wired to wireless, may need to authenticate again. The password is just an attribute of the user.
Congratulations for the incridible videos, you guys are awesome, It's helping me a lot to study for the 70-640 exam. Keep up with the good work, the channel have my support, Thanks again.
Thank you for this video. Site links was very well explained. I liked the graphics verses someone doing it on a white board talking off the cuff. You're clear and concise - well thought out in presentation. Thank you.
All though it is not recommend it is something you could try. I worked on such a configuration and it work well most of the time. Since you only have 6 sites you could create 3-4 different site links with 3 sites in each. This should give you some redundancy. If you want a full mesh you would need to create all the site links which is administrative a lot of work, but that what you need to do for a full mesh. This is why full mesh is not always that popular.
Truly wonderful videos, I'm super impressed and they're helping me a lot at the moment with a course I'm doing. However I'm so shocked throughout this video series to see how primitive AD services still are - still assuming horrible network connections, using SMTP to transfer "not mail", the age of consoles and their complexity of use and the fact that so many options seem to be just about everywhere, nothing is very concentrated and simplified when there is clearly MASSIVE potential for simplification. I say this even today while using Server 2019, because not a lot has changed to the fundamental architecture.
ISTG is missing in this video as it generates the site links between the sites and automatically chooses bridgehead server if bridge head server goes down.
Hello, thanks for the tutorial.I don't understand one thing, though: How does a DC know that the DC from which it replicates has the NEWEST sysvol in the domain? What if the lowest cost of a link links the DC to another DC that doesn't have the sysvol replicated either. Thank you
+GotterVibez Inevitably and ideally, the replication will make it out to all of the DCs. More technically, Active Directory performs a lot of assignment and configuration in the backend such as utilizing the Knowledge Consistency Checker (KCC) and designating an Intersite Topology Generator (ISTG) to ensure the accuracy of replications. Mainly though, the KCC is able to compare using determined configuration errors to identify the potential gaps that need replication.
We have them all connected to main office through VPNs, some links slower than others. I don't think any of the branch offices have to go through another branch to connect to our main office if this is what you ask. BTW great video thanks for posting.
All the videos that I have seen so far from you have been very well done. I do have a question about this one though. Do you have to have a DC in the remote location to set up a site?
Not exactly what I meant. What I was trying to ask is do you need a DC at the remote location at all for it to still be a valid site. It sounds like you really need a bridgehead server to have a site, or at least for it to be worth setting up.
I don't understand one aspect of the intersite transport links. We have in our organization 6 branch offices outside of our main office. All the branch offices have only 1 domain controller and our main office has 2 dc's. How would I set up the intersite links? Should i just set up branch 1 to hq, branch 2 to hq, branch 3 to hq, and so on? Or do i need to make other links such as branch 1 to branch 4, branch 5 to branch 6. This seems a bit convoluted. I have bridge all site links to on.
thanks for your video, it helped me a lot.. my question is: in practical environment if I scheduled the replication to occur after business hours to another domain, do you think that will affect on the permit for any user, I mean If I deleted as I am administrator at another site, that will not affect on him until next day and he can logon in that day.. what do you think ???
This is amazing work, I know the server in your videos is Win 2008 R2 and not much has changed how AD works. Is it still possible to have these excellent videos on a latest version of Win Server 19? or even 2016 ?
can dcs of different domains be placed in same site and subnet. i checked various sites and some say yes and some say no. im not satisfied. if an office has branches in 5 locations world wide and have 2 domains. now they are keeping 2 dc per domain in each site. so totally 4 dcs per sites but each site has 2 dcs per domain. shouldall 4 be placed on same subnet? or different subnet?? if they are placed on different subnet how will the replication from the dcs of other sites take plave to thsese dcs. also how will intrasite replication take place? pls explain this. thanks in advance!
You're right, there seems to be conflicting information about placing DCs from different domains in the same subnet. Here's a breakdown of the best practices and considerations: Placing DCs of different domains in the same subnet: Generally not recommended: This can create confusion and security risks, especially with DNS resolution and access control. Possible, but with careful configuration: You'll need stricter firewall rules and VLAN segmentation to ensure each domain's DCs only communicate with authorized devices. Complexity increases: Managing separate domains in the same subnet requires more expertise and attention to detail. Recommended Approach: Use separate subnets for each domain: This provides clear physical and logical separation, simplifying management and enhancing security. Intrasite replication within each domain: Configure replication within each domain's subnet for efficient data synchronization between DCs. Intersite replication with dedicated links: Establish secure tunnels or dedicated VPN connections between sites for intersite replication between DCs belonging to the same domain. Specifics for your scenario: Having 2 DCs per domain per site is common practice for redundancy and fault tolerance. Keep each domain's DCs in their own subnets: This is the safer and more manageable approach. Intersite replication between DCs of the same domain: Use dedicated intersite links or VPN connections, not relying on the shared subnet. Intrasite replication within each domain's subnet: Configure intrasite replication to keep DCs within the same site synchronized. Keep in mind that as long a client can resolve the DC, it can login to it. So you could have a client for a different domain in a subnet for that domain. You just need to make sure it can resolve the required DNS records.
your video is very helpful to me I have learnt lots of important thing, could you please create a video how to troubleshoot AD replication via command line and DC diag command of use.
![Megan Thee Stallion - Bigger In Texas [Official Video]](http://i.ytimg.com/vi/QxTkZTLWdo4/mqdefault.jpg)
No problem at all, it is good to hear that you liked the video.
I love ITFReeTraining. It is one of the few things I can rely on to be accurate and they make things easy to understand.
Thanks so very much for your feedback!
I had lot of confusion in sites n Services. After seeing this video comprehensively cleared all of my doubts.Thanks for the video...
..
Thanks for watching the video. You can access the list of videos via the play list or the web site. Adding numbers to the videos is an excellent idea which we will look into doing.
Just to point out that in Microsoft is all PULL technology, not PUSH. Meaning, if something changes within, it will not "SEND" data to other Domain Controllers. DC that has changes will NOTIFY their replication partners to come and pick up data. Thank you for brilliant series.
No you do not require a domain controller in order to set up a site. When you run DCPromo it will ask you for a site to put the domain controller in. For this reason I would always set up the site first so that the domain controller can be put in the correct site straight away without having to be moved later. You could even setup the domain controller in a different network for that site and ship it to the other site pre configured. Glad to hear you like the videos.
Thanks for the like, sub and watching the video. More video to come. :)
This channel is so extensive, there's never a single topic that isn't covered. Don't know if I should google things or just go to itfreetraining because I end up coming here regardless haha.
Thanks for the comment. Glad you liked the videos.
Thanks for watching. You will always be able to watch the videos for free.
I watch and recommend your videos to everyone I know. Thank you for not telling lame jokes during your presentation like CBT Nuggets does. I can't watch their videos because of it. Keep up the great work!
Thanks very much. It is good to know that our videos are appreciated. Thanks for recommending the videos to others, that helps us a lot.
This is perhaps the best video to learn about sites and replication. Appreciate your efforts for explaining with animation. This has certainly helped to learn the concepts. Glad I stumbled upon this...Great Work!!!!
Glad it was helpful!
Really appreciate the videos. Way easier to understand and better presented than any Learning Tree or Global Knowledge class.
Thanks very much. Glad we could help.
Sir this is the first video that I have watched with soo much explained about replication from beginning to expert
Thanks for watching.
Thanks, glad you like the videos. More free videos to come.
Thanks very much and thanks for watching.
I never seen a better video explaining replication
Thank you!
passed my 70-410 and 11 with the help of your videos. Re taking 70-412 by clearing the weakest concepts from your videos.
wonderful work, no one provides these kinds of videos for free.
Glad you like the videos.
Thanks a lot and thanks for watching.
No problem at all and thanks for watching.
Excellent. Glad to hear you liked the video.
You can set up a site without a DC in that site. You could add a DC later that day, a month, a year later or not at all. If there are no DC's at the site there is nothing to replicate to. If you want to apply group policy at the site level you would need to create a site in order to do this. This is one reason why you may create a site that does not have a DC in it.
I must say Thanks a million for these courses. Save me a lot of money and makes me better prepare for my exams.
You're most welcome, thanks for choosing ITFreeTraining!
You are incredible, I never watched that much simple video on replication topic, My all doubt have been cleared, Thank you so much.
Please share videos on AD partitions and LDAP as well.
I have seen one time this video for learning AD replication... It was a fantastic video for online learning user.. Now i have get clear vision about AD replication.
Thanks lot....
Sathish KumarThanks very much. We're always happy to hear you found our video useful
Very professionally done and very well explained. Thank you for all your hard work. These are great. Can' wait for the Server 2012 content.
The best I like about the training is the basic and clear understanding of concept.
Thank you once again...
Thanks very much.
thanks for supplying clear and concise information from an IT student in Training. Soo soo good
Thanks very much and thanks for watching.
In most cases changes will not take effect until replication has occurred so you are correct. Account lockouts however are replicated straight away to the PDC emulator. So if the account is locked the PDC emulator will know about it straight away.
One of the most awesome presentation i have been given to assist, really thank you very much.
Thanks for taking the time to leave a comment.
One of the best video I find in RUclips for Active directory Sites and Services, Video and Sound quality is very good, the speed of training was excellent, no rush at all like many other video. Beautiful and Excellent job. Many thanks in advance
Only one comment, if the Video get tagged with number would be very easy to follow the training, for example why was mentioned in the beginning of video "my previous video" not sure which to look for. Thanks again. :))
Thanks very much. More videos to come and they will all be free.
These videos are very good. Easy to understand! Thanks for your hard work, you gave me a lot information for my exam.
Yes, SMTP is a better choice if your network is not very reliable. Just remember it does not not support file repletion so you will still need to use IP in some cases. However, there is no reason SMTP can't be the main protocol and IP mainly used for file replication. I would schedule the SMTP to run first and IP later to cover both bases. The SMTP would then replicate all the required AD traffic before IP ran. If you don't have much file rep, IP could be schedule IP rarely.
Love these videos. You do a great job of explaining what could be complex tasks and theories.
Excellent video about AD replication between sites
As usual, another awesome video from you all at itfreetraining! Thank you for them all.
+south erus You're most welcome! Thanks very much for the feedback and thanks for watching!
Thanks, glad you liked the video.
Thanks. Glad we could help.
Host only should work. If the servers are on a different subnet you can also create a separate network for them.If you want to access the internet you will need a router. We have a video series coming up explaining how to do this.
First attempt to ping the other server and make sure there is a network connection.
Try running repadmin /Showrepl and see if there are any replication partners.
If you have just prompted the server, it sounds like a DNS problem. Configure DNS to the other DC.
still these videos are gold
Thanks very much for wathcing.
I am not sure what you are referring to. When you promote a server to a Domain Controller it will ask which site you want to put it in. You can always move it later on if you need to. I am guessing in this case we may have deleted all the sites before we did the demo and recreated them for the demo. For this reason the servers when back into the sites there were in before when the sites were recreated.That is all I can think of that may have caused what I think you are referring to.
Yes it is SMTP. The reason it was used was because the TCP/IP was not as established as it is today when Active Directory was first created. For this reason they needed a protocol that would work over links that were not connected via TCP/IP. Even though SMTP is still available, I doubt that is used much now days.
Thanks very much. Hopefully we will be starting on the Server 2012 soon.
Just Awesome
Your welcome. Thanks for watching.
Maybe try our video introduction to Active Directory.
I assume that all your branches are connected directory to the office. If this is the case you need to set up a 6 links. One from each branch back to the main office. If the offices are connected to each other, you can also create site links between them for redundancy if you wish.The point to remember this the connections that you crate should mirror your network. For example if branch 4 was connected to branch 5 to the head office, you should create a link between 4 and 5 and 5 and office.
Very nice and well drafted for presentation. Excellent work!
Thanks very much. glad to hear the you like the video.
DWL how easy to understand your videos are. 🤣 Any fool can learn watching these. 🤓👍🏾 Ty!
Thanks for your incredible feedback and thanks for watching. :)
Your videos are very helpful! Thank you very much for the time you spent on them!
If for example an admin made the change, the change may be made on a Domain Controller that is different from what the user is using.
If the user connects to a remote file server that server may decide it needs to authenticate the user or obtain details for the user it will contact a local Domain Controller.
Laptop user changes network, e.g. wired to wireless, may need to authenticate again.
The password is just an attribute of the user.
Congratulations for the incridible videos, you guys are awesome, It's helping me a lot to study for the 70-640 exam.
Keep up with the good work, the channel have my support,
Thanks again.
Thank you very much!
No problem at all. Sounds like you have the right solution if they all connect back to main office with a VPN.
Thanks very much, more videos to come.
Excellent Video
Got the proper information's about replications
+Ankush Karade
Thank you, glad you found it helpful
perfect video i have find till joining IT industry as an admin
Thanks for watching.
Thank you for this video. Site links was very well explained. I liked the graphics verses someone doing it on a white board talking off the cuff. You're clear and concise - well thought out in presentation. Thank you.
Thanks very much.
Thank you very much for these videos!!! You guys are amazing!!!
Thanks a lot. You have a new way to transfer your knowledge. Is clearly your explication.
Thanks. No problem at all.
Thank you for taking your time and making these helpful videos. Keep up the good work! Will continue to follow your work.
Thanks very much. Glad you like the videos.
Many Many thanks! Excellent explanations and demonstrations in all videos! VERY GOOD!
Thank you very much for your feedback. We're glad that you enjoyed the content!
Every videos are so goooood! tkans very much ITFreeTraining. I wait for your same videos about server 2012
Thanks very much. Videos on Windows Server 2012 R2 on the way.
great visualization of concepts...thank you
+Jose J Pothoor You're welcome. Thanks for watching.
Awesome Video...now i have a very clear idea on site links... thanks a ton!!!!!
Thank you, we're glad you found the video helpful
All though it is not recommend it is something you could try. I worked on such a configuration and it work well most of the time. Since you only have 6 sites you could create 3-4 different site links with 3 sites in each. This should give you some redundancy. If you want a full mesh you would need to create all the site links which is administrative a lot of work, but that what you need to do for a full mesh. This is why full mesh is not always that popular.
Thanks very much. Glad we could help.
Thanks for clear explanation. I understood clearly.
We're glad it helped you!
Awesome presentation man. excellent video
Thanks!
Nice explained...your voice is great. ISTG strategy is missed..!Different between ISTG and KCC!
No we do not have an exchange videos.
the best video about replication!!! thank you so much
You're most welcome, thanks for watching.
superb explanation with simple graphics,,,
Thanks very much.
Truly wonderful videos, I'm super impressed and they're helping me a lot at the moment with a course I'm doing. However I'm so shocked throughout this video series to see how primitive AD services still are - still assuming horrible network connections, using SMTP to transfer "not mail", the age of consoles and their complexity of use and the fact that so many options seem to be just about everywhere, nothing is very concentrated and simplified when there is clearly MASSIVE potential for simplification. I say this even today while using Server 2019, because not a lot has changed to the fundamental architecture.
excellent video cleared all my doubts
+Pritesh Aattawala Glad we were able to help you clear them up.
ISTG is missing in this video as it generates the site links between the sites and automatically chooses bridgehead server if bridge head server goes down.
good
Very useful videos. Thanks a lot for your effort.
Glad it was helpful!
itfreetraining, thank you!
+Billy Wilson Arante You're welcome. Thanks for watching!
Hello, thanks for the tutorial.I don't understand one thing, though: How does a DC know that the DC from which it replicates has the NEWEST sysvol in the domain? What if the lowest cost of a link links the DC to another DC that doesn't have the sysvol replicated either. Thank you
+GotterVibez Inevitably and ideally, the replication will make it out to all of the DCs. More technically, Active Directory performs a lot of assignment and configuration in the backend such as utilizing the Knowledge Consistency Checker (KCC) and designating an Intersite Topology Generator (ISTG) to ensure the accuracy of replications. Mainly though, the KCC is able to compare using determined configuration errors to identify the potential gaps that need replication.
by comparing the update sequence numbers i believe
Thanks.
Excelente Video, saludos desde Chile!!!
+Eduardo Campbell Thank you!
Excellent video. Thanks!
You're most welcome! Thanks for watching.
We have them all connected to main office through VPNs, some links slower than others. I don't think any of the branch offices have to go through another branch to connect to our main office if this is what you ask. BTW great video thanks for posting.
thx for this video very very very helpful.thx for ur hard work.
All the videos that I have seen so far from you have been very well done. I do have a question about this one though. Do you have to have a DC in the remote location to set up a site?
Not exactly what I meant. What I was trying to ask is do you need a DC at the remote location at all for it to still be a valid site. It sounds like you really need a bridgehead server to have a site, or at least for it to be worth setting up.
I don't understand one aspect of the intersite transport links. We have in our organization 6 branch offices outside of our main office. All the branch offices have only 1 domain controller and our main office has 2 dc's. How would I set up the intersite links? Should i just set up branch 1 to hq, branch 2 to hq, branch 3 to hq, and so on? Or do i need to make other links such as branch 1 to branch 4, branch 5 to branch 6. This seems a bit convoluted. I have bridge all site links to on.
In AD replication What AD components are replicating?like example SYSVOL,what others are replication in intrasite ,inter site ?
thanks for your video, it helped me a lot.. my question is: in practical environment if I scheduled the replication to occur after business hours to another domain, do you think that will affect on the permit for any user, I mean If I deleted as I am administrator at another site, that will not affect on him until next day and he can logon in that day.. what do you think ???
Awesome Great Work
This is amazing work, I know the server in your videos is Win 2008 R2 and not much has changed how AD works. Is it still possible to have these excellent videos on a latest version of Win Server 19? or even 2016 ?
You are a Hero....Thank you
Thanks very much.
thanks for uploading the video....its gr8
can dcs of different domains be placed in same site and subnet. i checked various sites and some say yes and some say no. im not satisfied. if an office has branches in 5 locations world wide and have 2 domains. now they are keeping 2 dc per domain in each site. so totally 4 dcs per sites but each site has 2 dcs per domain. shouldall 4 be placed on same subnet? or different subnet?? if they are placed on different subnet how will the replication from the dcs of other sites take plave to thsese dcs. also how will intrasite replication take place? pls explain this. thanks in advance!
You're right, there seems to be conflicting information about placing DCs from different domains in the same subnet. Here's a breakdown of the best practices and considerations:
Placing DCs of different domains in the same subnet:
Generally not recommended: This can create confusion and security risks, especially with DNS resolution and access control.
Possible, but with careful configuration: You'll need stricter firewall rules and VLAN segmentation to ensure each domain's DCs only communicate with authorized devices.
Complexity increases: Managing separate domains in the same subnet requires more expertise and attention to detail.
Recommended Approach:
Use separate subnets for each domain: This provides clear physical and logical separation, simplifying management and enhancing security.
Intrasite replication within each domain: Configure replication within each domain's subnet for efficient data synchronization between DCs.
Intersite replication with dedicated links: Establish secure tunnels or dedicated VPN connections between sites for intersite replication between DCs belonging to the same domain.
Specifics for your scenario:
Having 2 DCs per domain per site is common practice for redundancy and fault tolerance.
Keep each domain's DCs in their own subnets: This is the safer and more manageable approach.
Intersite replication between DCs of the same domain: Use dedicated intersite links or VPN connections, not relying on the shared subnet.
Intrasite replication within each domain's subnet: Configure intrasite replication to keep DCs within the same site synchronized.
Keep in mind that as long a client can resolve the DC, it can login to it. So you could have a client for a different domain in a subnet for that domain. You just need to make sure it can resolve the required DNS records.
wow, excellent explanation.
your video is very helpful to me I have learnt lots of important thing, could you please create a video how to troubleshoot AD replication via command line and DC diag command of use.
Thank you.