Data Centers

Understanding Windows NT directory replication

You create special logon scripts and configuration files on your Windows NT servers. How do you make sure there are up-to-date copies on all of your servers? Troy Thompson shows you how using NT directory replication.

You know Windows NT has many system files that you need to maintain. Add on top of this files, like logon scripts and configuration files, that you may want to maintain across different servers on your network. How do you keep these files synchronized? One way is by using directory replication. In this Daily Feature, we’ll look at Windows NT Directory Replication.

What is directory replication?
Directory replication is simply duplicating a master set of directories from one server to other servers or workstations within your domain or across domains. This process helps simplify the task of maintaining identical sets of directories and files on multiple computers by maintaining only a single master copy on a single server. Most aspects of directory replication are managed for a particular computer by using either the Server Manager Properties command or the Server tool in Control Panel.

Directory Replicator service
The Directory Replicator service must be configured properly and started before replication can occur. You must assign an appropriate logon account to the Directory Replicator service of each computer that will participate in replication. Using User Manager For Domains, create a domain user account that the Directory Replicator service will use to log on.

This account must be configured to have a password that never expires. It must also have all logon hours allowed, as well as membership in the domain Backup Operators group. The Directory Replicator service must be configured to start up automatically and to log on using the account described above for each computer that will participate in the replication process.

Configuring the directory replication export server
The export server is the server that maintains the files to be replicated. Any server that is running Windows NT Server can be an export server, but computers running Windows NT Workstation cannot.

To set up an export server, you must first create the subdirectories that will be exported. You can do this using Windows Explorer. There’s nothing special about the directories. Just create them like any other data directory on your network.

You don’t have to add files when you initially create the subdirectories. Once the subdirectories are created, copy the files that will be exported into them. Any files added to these subdirectories at a later time will automatically be exported.

You set up the replication process with Server Manager. To start Server Manager, select Programs from the Start menu and click Administrative Tools (Common). Then, click Server Manager in the Administrative Tools (Common) menu.

When the Server Manager window appears, double-click the computer that will be used as the replication export server. This will bring you to the Properties sheet for the server, shown in Figure A. Not only can you configure Replication at this point, but you can also manage Users, Shares, and files that are in use from this screen. Click Replication to bring up the Directory Replication screen shown in Figure B.

Figure A
In Server Manager, double-click the server you want to use as the export server to bring up the Properties sheet for the selected server.

Figure B
When you click Replication on the server’s Properties sheet, you’ll see this Directory Replication screen.

If you select Do Not Export, NT will prevent replication from this computer and will prevent the subdirectories from being exported. Conversely, if you select Export Directories, NT enables replication from this computer. The subdirectories containing files to export are listed in the From Path.

The From Path is a local path to a directory from which the subdirectories and files are exported. The default From Path is \\systemroot\system32\repl\export. The From Path is usually not changed.

The To List contains subdirectories that are exported from this export server to the domains and computers in the To List. The To List is blank by default, and this computer automatically exports to the local domain. If there are entries added to the To List, the local domain will not be exported to. It may be necessary to add the domain name to the To List. Replication to a domain name may not succeed if some or all import computers of that domain are located across a wide area network (WAN) bridge from this export server. If you have a WAN bridge, you must explicitly add the computer names of those import computers to the To List.

When you choose the Add button, the Select Domain dialog box will be displayed, which will allow you to add a computer name or domain name to the To List.

The Remove button will allow you to remove a computer name or domain name from the To List.

The Logon Script Path is a local path to a directory where logon scripts are stored. When a server authenticates a logon request and that user account has a logon script assigned, the system locates the logon script by combining the local path that is specified here with a filename specified in User Manager.

In a domain environment, master copies of every logon script should be stored under one replication export directory of a primary or backup domain controller. Copies of these logon scripts should be replicated to the other servers of the domain. The local path to imported logon scripts for every other domain controller should be entered in the Logon Script Path. Generally, the path will be \\systemroot\system32\repl\import\scripts. The Logon Script Path requires an entry and cannot be left blank.

If needed, you can change the path from which subdirectories will be exported by typing a local path in the From Path box.

Click on Manage under Export Directories to display the Manage Exported Directories screen shown in Figure C. From here, export locks can be added or removed. You can also enable or disable export stabilization and subtree exports.

Figure C
You can manage exported directories here.

You can click the Add Lock button to add a lock to the selected subdirectory. Doing so will prevent the selected item from being exported.

The Wait Until Stabilized check box helps to eliminate partial replication. If you select this box, changes cannot occur to any subdirectory or file in the selected subdirectory tree for two minutes (or more) before replication can occur. If the box is cleared, each file can be replicated as soon as it is changed.

If you select the Entire Subtree check box, the first-level export subdirectory, its subdirectories, and all the files these contain will be exported. If the box is cleared, only the first-level export subdirectory and its files will be exported. Click OK to return to the Directory Replication screen.

By default, the To List will contain a blank entry and this computer will automatically export to the local domain. If there are entries added to the To List, exports are no longer made to the local domain. If necessary, the domain name must be explicitly added to the To List. Only servers running Windows NT Server can be set up as a replication export computer.

If you want to export subdirectories to a domain or computer, click the Add button in Export Directories and complete the Select Domain dialog box that appears. The domain name or computer name will be added to the To List.

If you want to stop exporting subdirectories to a domain or computer, you must select the domain or computer from the To List under Export Directories and choose Remove.

Choose OK when you have finished making changes. The system will create the special REPL$ share required for export replication if it does not already exist. In addition, the Directory Replicator service will be started if it is not already running.

Once the replication process is set up, replication will occur each time a change is made to one of the files in a directory set for export.

Configuring the directory replication import server
Any computer running Windows NT, even those running Windows NT Workstation, can be set up as a replication import computer. An import computer can be set up to import from multiple domains and computers but not to a single subdirectory. If you do this, it will cause the files in the subdirectory to be overwritten by each subsequent update of that directory by a different domain or computer.

To set up an import computer, you must first launch Server Manager. From Server Manager, double-click on the computer you wish to set up for import. Click Replication from the property box to get to the Replication property sheet.

The process for configuring the import servers is identical to the process you used to configure the export server. The only difference is that you’ll be working with the Do Not Import and Import Directories radio boxes. Each section in the Import Directories box and the buttons associated with it work just as described above.

Directory replication can save you time by automating your servers to copy files to other servers. It also saves time by allowing you to maintain one set of master files. The process of replication requires you to go through several steps to set it up initially, but after that, it takes care of itself.
The authors and editors have taken care in preparation of the content contained herein but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for any damages. Always have a verified backup before making any changes.

Editor's Picks