FILE REPLICATION SERVICE: Microsoft® Windows® 2003 Server uses the File Replication service (FRS) to replicate system policies and logon scripts stored in System Volume (SYSVOL). Each domain controller keeps a copy of SYSVOL for network clients to access. FRS can also replicate data for Distributed file system (Dfs), synchronizing the content of each member in a replica set defined by Dfs. FRS can copy and maintain shared files and folders on multiple servers simultaneously. When changes occur, content is synchronized immediately within sites and by schedule between sites. File Replication service is a multithreaded replication engine that replaces the LMRepl service that is used in Microsoft® Windows NT®. Multithreaded means that several processes can run at the same time to handle multiple tasks. This allows FRS to replicate different files between different computers simultaneously. FRS does not guarantee the order in which files arrive. Files begin replication in sequential order based on when the files are closed, but file size and link speed determine the order of completion. Because FRS replicates only whole files, the entire file is replicated even if you change only a single byte in the file. FRS expands on the functionality provided by LMRepl with the following enhancements: • Multimaster replication of files and folders for allowing updates to occur independently on any server in the domain. • Site-aware clients (Microsoft® Windows® 2000, Microsoft® Windows NT® version 4.0, Microsoft® Windows® 95, and Microsoft® Windows 98 with the Active Directory add-on) for locating nearby servers hosting SYSVOL and Dfs content. • Configurable schedules for replicating Dfs and SYSVOL content between sites. • Automatic replication of folder and file attributes including ACLs. FRS is automatically installed on windows 2003 DC and Configured to start automatically. There is no Administrative control for FRS, SYSVOL replication will occur automatically. Replication of Dfs files and folders is controlled by the Dfs administrative snap-in. Key Terms FRS terms that you need to know before reading further are: Replication:. The process of copying data, from one computer to another, that converges to an identical data set over time. Replication enhances availability and file sharing by duplicating shared files. Replica : A member of a replica set that contains a copy of a shared folder or file. Replica set: Two or more copies of a shared folder that participate in replication. Each copy must be located on a different computer. Initial Master: First member in a replica set that is the starting point for automatic replication. This means the files and folders in that replica are replicated to other replicas for the first replication cycle. — Replicating Dfs Replicas Unlike SYSVOL replication, which is implicitly enabled, replication for Dfs replicas must be explicitly enabled by using the Dfs administrative console. Only domain-based Dfs can use FRS; stand-alone Dfs does not support automatic file replication. Remember that FRS is installed only on Windows 2000 servers and that the service starts automatically only on domain controllers. To start FRS on a member server, use Control Panel. Double-click Administrative Tools , double-clickServices , and then use the menu options in the Services console. To enable or disable FRS replication 1. Open the Dfs administrative console. 2. In the left pane, right-click the Dfs link for the replica set, and then click Replication Policy . 3. In the Replication Policy dialog box, click Enable and Disable as needed. If replication is being enabled for the first time, the files and folders on the first server enabled (the initial master) become authoritative. This means those files and folders are duplicated to other replicas for the first replication cycle before multimaster replication takes effect. Replication is not allowed, that is, the shared folder appears as N/A, under the following conditions: • A shared folder on a computer where FRS is not installed. • A shared folder that is not on the version of NTFS used in Windows 2000. • A shared folder that uses a cluster name in its path name. For more information about using file replication with Cluster service, see "Distributed File System" in this book. • A shared folder on a computer that does not belong to a Windows 2000 domain. • A shared folder on a computer whose domain is inaccessible by the user who is currently logged on. In addition, the following events do not trigger replication: • Changes to a file or folder's last access time. • Changes to a file or folder's archive bit. Replicating SYSVOL The Windows 2000 System Volume, or SYSVOL, is built during the creation of a domain controller by Dcpromo.exe. It is a tree of folders containing files that need to be available and synchronized between domain controllers in a domain or forest, including: • SYSVOL share. • NETLOGON share. • Windows 95, Windows 98, and Windows NT 4.0 system policies. • Windows 2000 Group Policy settings. • User logon and logoff scripts. For example, the default folder structure contains the following folders for policies or scripts used by network clients: \\Winnt\Sysvol\Sysvol\ domain_name \Policies \\Winnt\Sysvol\Sysvol\ domain_name \Scripts When you add, remove, or modify the contents of the Sysvol folder on a domain controller, those changes are replicated to the Sysvol folders on all other domain controllers in the domain. FRS uses the same connection objects as the Active Directory ™ directory service when it replicates SYSVOL content. Therefore, it uses the same schedule as Active Directory for intersite replication. However, unlike Active Directory, replicated content between sites is not compressed. How FRS Works FRS provides redundancy for the content of designated NTFS shares between Windows 2000 servers. The servers can be interconnected in any topology such as a ring or a star configuration. With an appropriate topology and sufficient network support, hundreds of computers can replicate the same set of files or folders. Conversely, one computer can be a member of multiple replica sets. FRS also provides redundancy for SYSVOL and Dfs distribution by way of multiple distribution paths between the replicas in a replica set. If one replica is down, data flows using a different route. Dampening logic prevents a data file from being sent more than once to any particular replica. Multimaster replication allows any domain controller or member server to propagate changes to replicated files and folders on any other domain controller or member server. There are no primary/secondary or master/slave relationships. When a replicated file is changed and closed, FRS submits that change to other members in the replica set. Those members decide whether to accept or reject the change according to certain criteria. For example, suppose a replica set is composed of Computer A and Computer B. If File X on Computer A is updated and then closed, FRS notifies Computer B of the change. • If the event time associated with Computer A is more than 30 minutes later than the event time for Computer B, the change is accepted immediately and Computer B is updated. If the event time associated with File X on Computer A is more than 30 minutes earlier than the event time for File X on Computer B, the change is rejected. An event time is associated with any change to a file. It denotes when the file was closed after being changed or was last replicated. The default event time window is 30 minutes. • If the event time of the change in the file on Computer A is within 30 minutes of the event time for the version of the file on Computer B, FRS checks the version numbers of the file. If the version number of the file on Computer A is greater than that of the file on Computer B, the change is accepted and the file is updated. If the version number of the file on Computer A is less than that of the file on Computer B, the change is rejected. The version number is a numerical value FRS uses to track changes occurring to a replicated file. It is assigned by a counting mechanism similar to the update sequence number (USN) used by Active Directory. When a changed file is closed, its version number increments by one. • If the version numbers for the files are equal, the event time is checked again, this time without the 30-minute window. In other words, if the event time associated with the file on Computer A is later than the event time for the file on Computer B, the change is accepted and Computer B is updated. If the event time associated with the file on Computer A is earlier than the event time for the file on Computer B, the change is rejected. FRS uses a "last writer wins" algorithm, which means that the last update to a file or folder in a replica set becomes authoritative for replication, regardless of the document version number or file size. It does not merge changes; rather, the most recent version of a particular file overwrites all older versions. This makes FRS well suited to replicate files that are updated infrequently, such as product specifications, software distribution points, and Web content. Files that contain information that is updated more frequently must accommodate two scenarios: concurrent users and replication latency. • User A and User B open the same 100-page document on different replicas. User A adds 100 pages and saves the document first; user B deletes 80 pages and then saves the document. The 20-page document that was saved last becomes the authoritative file. FRS cannot deny file sharing or enforce file locking between two users who are writing to the same file on two different replicas. • A user makes a change on a replicated Dfs share. Assume that the replication schedule for Dfs connection objects in Active Directory specifies that replication take place only at night. This means that updates originating on replicas in one site during the day are not available on replicas in other sites until the replication window opens in the evening. FRS uses Active Directory to manage configuration information so you can administer computers containing replicated data offline. This means you can add or remove replicas, change connections between replicas, or modify replication schedules without needing to communicate with the affected computer. Note The Dfs administrative console does not support full remote administration; that is, the affected computer must be online. To provide secure communications, authenticated remote procedure call (RPC) with Kerberos encryption is used over TCP/IP as the protocol between members for replication. NTFS file permissions are also replicated. Files that are locked by their owners are not replicated until they are unlocked. FRS works only with Windows 2000 because it relies on the NTFS change journal to provide a persistent (that is, logged) record of files that have changed on a member computer. Files are replicated only after they have been modified and closed. As a result, FRS does not lose track of a changed file even if the system shuts down abruptly. 1281363