[MS-ADTS] Server Initialization process

  • Question

  • In many other protocol documents "Server Initialization" is clearly explained. But in the ADTS document that section is missing.

    One thing is: how will the Schema be initialized? How does the server behave while initialization is going on?

    What happens if the initialization process is interrupted? Are the initial set of entries created through normal LDAP operations?

    We have observed that by the time the ADDS server starts, its USN is already >4000. Are those 4000+ operations done for initializing the server?

    Thank you

    Rajesh

    Monday, June 20, 2011 10:56 AM

Answers

  • Hi Rajesh:
    We have finished our investigation on your inquiry. I am providing the information in QA format for clarity.

    Q. In many other protocol documents "Server Initialization" is clearly explained. But in ADTS document that section is missing
    A. The work performed by a DC during booting up is implementation specific and does not appear over the wire, and is thus not documented in ADTS. After the DC is operational, the Windows behavior is that a replication is initiated by the DC. The replication protocol is documented in MS-ADTS section [3.1.1.5 Updates].

    Q. One thing is how the Schema will be initialized? How does the server behave while Initialization is going on?
    A. How the schema is initialized is an implementation-specific detail. Different vendors may choose the appropriate initialization behavior to suit their needs. On Windows, the schema is created and saved on the local file system when a server is promoted to DC. When the DC reboots, the schema is loaded into memory. If the server is not available to serve LDAP queries, it will not respond to LDAP ping.

    Q. What happens if the initialization process is interrupted?
    A. Again, this is an implementation-specific detail, and implementations may differ in their implementation and behavior. On Windows, if the initialization process is interrupted or fails, the DC is not operational.

    Q. Are the initial set of entries created through normal LDAP operations?
    A. Again, this is an implementation-specific detail, and implementations may differ in their implementation and behavior. On Windows, when a forest is created, the initial set of entries in the AD database is not created through normal LDAP operations. When you update an existing forest or domain, the additional entries are created using normal LDAP operations.

    Q. We have observed that by the time the ADDS server starts, its USN is already >4000. Are those 4000+ operations done for initializing the server?
    A. The operations that increment the USN are performed at the time the domain is created or updated, not at boot up time of a DC. When a domain is created, many objects are created. These changes, together with the changes during the lifetime of the domain, trigger USN increments.

    Please let me know if it does not answer your questions.


    Regards, Obaid Farooqi
    Monday, July 11, 2011 7:49 PM

All replies

  • Hi, Rajesh,

    Thanks for your question. One of our team members will work on it and respond to you soon.

    Hongwei Sun -MSFT
    Monday, June 20, 2011 2:53 PM
  • Hi Rajesh:

    I'll help you with this issue and will be in touch as soon as I have an answer.


    Regards, Obaid Farooqi
    Wednesday, June 22, 2011 4:52 PM