Active Directory for Exchange Server 2007
the other domain controllers within that site. After replication has occurred with the first
replication partner that domain controller has, it will wait three seconds and then commence
replication with its next replication partner, and so forth, until the original domain controller
has replicated with all replication partners within that site.
Replication latency occurs when a change made on one domain controller has not yet been
replicated to another domain controller, either in the same site or in a different site.
Obviously, the replication latency within a site should always be much lower than that between
sites, but should replication problems arise between domain controllers, latency can even
exist within a site. On the surface, replication latency is undesirable, and it must be
planned for in any distributed multimaster replication environment such as Active Directory.
Faster, higher-quality (or cheaper) WAN links lend themselves to configuring replication
to occur more frequently than slower, less reliable (or more expensive) WAN links. The price
to be paid for lower replication latency in an Active Directory environment that is otherwise
healthy and functioning properly is the cost of pushing more data over these typically
congested and high-cost WAN links. The administrator who is ultimately responsible for
managing Active Directory across your organization will have to determine what is best
to meet their specific needs.
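The following added example, which is not from the original text, parses output in the CSV layout of `repadmin /showrepl * /csv` and flags replication links whose last successful replication is older than a threshold, with a tighter limit for intra-site partners than for inter-site ones. The sample rows, the server and site names, the timestamp format, and both thresholds are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample in the assumed column layout of `repadmin /showrepl * /csv`.
# Server names, site names and timestamps are invented for illustration.
SAMPLE_CSV = """showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,HQ,DC1,"DC=example,DC=com",HQ,DC2,RPC,0,0,2024-03-01 11:59:40,0
showrepl_INFO,HQ,DC1,"DC=example,DC=com",Branch,DC3,RPC,0,0,2024-03-01 10:30:00,0
showrepl_INFO,HQ,DC2,"DC=example,DC=com",HQ,DC1,RPC,4,2024-03-01 11:58:00,2024-03-01 11:20:00,1722
"""

# Assumed thresholds (not values from the text): tune to your own schedules.
INTRA_SITE_MAX = timedelta(minutes=5)
INTER_SITE_MAX = timedelta(hours=3)


def stale_links(csv_text, now):
    """Return (dest, source, scope, latency, failures) for links past their limit."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        # Only per-link data rows are evaluated; other row types are skipped.
        if row["showrepl_COLUMNS"] != "showrepl_INFO":
            continue
        same_site = row["Destination DSA Site"] == row["Source DSA Site"]
        limit = INTRA_SITE_MAX if same_site else INTER_SITE_MAX
        try:
            last_ok = datetime.strptime(row["Last Success Time"], "%Y-%m-%d %H:%M:%S")
        except ValueError:
            continue  # unparseable or missing success time: handle separately
        latency = now - last_ok
        if latency > limit:
            scope = "intra-site" if same_site else "inter-site"
            findings.append((row["Destination DSA"], row["Source DSA"],
                             scope, latency, int(row["Number of Failures"])))
    return findings


if __name__ == "__main__":
    check_time = datetime(2024, 3, 1, 12, 0, 0)  # fixed so the sample is repeatable
    for dest, src, scope, latency, failures in stale_links(SAMPLE_CSV, check_time):
        print(f"{dest} <- {src}: {scope} link, last success {latency} ago, "
              f"{failures} consecutive failures")
```

In the sample, the inter-site link is 90 minutes old and still within its limit, while one intra-site link is flagged: the case the text describes, where replication problems produce latency even inside a site.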
To learn more about Active Directory, start by checking out the Windows
Server 2008 product documentation. It provides an overview of the
technology and illustrates many of the benefits of using Active Directory.
Active Directory and Exchange Server 2007
In versions prior to Exchange 2000 Server, Exchange maintained a directory of its own
through a service known as the Directory Service. The Directory Service maintained a copy
of the directory in a database file on each Exchange server and took care of replicating
changes in the directory to other Exchange servers.
Since Exchange 2000 Server, Exchange has been totally reliant on Active Directory
to provide its directory services. This reliance causes a shift in the way that the Exchange
directory is maintained. The section “Forests” examines the effects that boundaries of a
forest place on Exchange. Then the section “Domain Name Service (DNS)” looks at the
interaction of DNS in an Exchange organization.
Forests
By default, the global catalog shows objects only within a single Active Directory forest,
so an Exchange organization must be within the boundaries of a forest. This is different
from earlier versions of Windows NT and Exchange 5.5. In previous versions, an Exchange
organization could span domains that did not trust one another because Exchange 5.5 did
not rely so much on the underlying security structure of Windows NT. With Active Directory
and Exchange Server 2007, the security structure is integrated, which means a single