Configuring the Active Directory Lightweight Directory Service (Part 4)


Introduction

In my previous article in this series, I showed you how to create an Active Directory Lightweight Directory Service (AD LDS) instance. Although an AD LDS instance works fine by itself, it can become a single point of failure. If you plan on storing important business data within an AD LDS instance then it is a good idea to create at least one replica of that instance. Replicas help to provide scalability and a degree of fault tolerance. In this article, I will show you how to set up a replica.

Deploying the Active Directory Lightweight Directory Service Role

Before you can create a replica of your AD LDS instance, you must install the Active Directory Lightweight Directory Service Role onto the server that will host the replica that you are creating. The procedure for doing so is similar to the procedure that you used when you created your first AD LDS instance, but I will go ahead and provide you with a brief set of instructions so that you don’t have to go back and look at the previous article.

To install the AD LDS role, open the Server Manager, select the Roles container, and click the Add Roles link. When you do, Windows will launch the Add Roles Wizard. Click Next to bypass the wizard’s Welcome screen and you will be taken to a screen that asks you which roles you would like to install. Select the Active Directory Lightweight Directory Services check box.

At this point, you should see a dialog box similar to the one shown in Figure A, telling you that some additional role services are required. Simply click the Add Required Role Services button to install the required role services.


Figure A: Click Add Required Features and then click Next.

Click Next, and the wizard will display a screen introducing you to the Active Directory Lightweight Directory Services. Go ahead and click Next to bypass this screen. You should now see a confirmation screen which asks you to verify that you do indeed want to install the AD LDS role. Assuming that the information displayed on the confirmation screen is correct, go ahead and click Install. Windows will now install the AD LDS role service. When the process completes, click Close.

Creating the Replica

So far we have installed the AD LDS role, but we have not yet created a replica of our previously existing AD LDS instance. To begin creating the desired replica, open the Active Directory Lightweight Directory Services Console, which is located on the Administrative Tools menu. When the console opens, Windows will launch the Active Directory Lightweight Directory Services Setup Wizard.

Click Next to bypass the wizard’s welcome screen. You should now see a screen similar to the one shown in Figure B, asking you if you want to create a unique instance or a replica of an existing instance. Select the A Replica of an Existing Instance option and click Next.


Figure B: Select the Replica of an Existing Instance option and click Next.

At this point, you will be taken to the screen shown in Figure C. As you can see in the figure, the wizard asks you for an instance name. The name that you enter should match the name of the instance that you want to replicate. Depending on what you called your instance, this dialog box may be filled in automatically.


Figure C: Specify the name of the instance that you want to replicate, and then click Next.

Click Next and you will be taken to the screen shown in Figure D, which asks you to specify the port numbers that the instance will use. If possible, you should try to use the same port numbers as are being used by the original copy of the instance. Of course this may be impossible if the server hosting the replica has other instances installed on it, or if the server is also functioning as a domain controller.


Figure D: You must tell Windows which ports you want to use with the replica that you are creating.

The next screen that you will encounter tells you that you must join a configuration set. A configuration set is nothing more than a group of instances that all share a common configuration and schema. In this case, the configuration set will be composed of the original instance and the replica that you are creating. Therefore, all you have to do is to provide the full DNS name of the server hosting the instance that you will be replicating, along with the LDAP port number that the instance is using. You can see an example of this in Figure E.


Figure E: You must provide the FQDN of the server hosting the instance that you are replicating.

The next screen that you will encounter asks you to provide a set of credentials that have administrative permissions for the configuration set. Just enter a set of administrative credentials as shown in Figure F, and click Next.


Figure F: You must provide a set of administrative credentials for the configuration set.

At this point, you should see a screen similar to the one shown in Figure G. As you can see in the figure, you must select the check box corresponding to the partitions that you want to replicate.


Figure G: Select the check boxes corresponding to the partitions that you want to replicate.

Click Next and you will be taken to a screen which asks you for the path in which the data files and data recovery files should be stored. You can click Next to accept the defaults (which are shown in Figure H) or you can provide alternate paths.


Figure H: You must tell Windows where the AD LDS data should be stored.

You must now provide the wizard with a service account that it can use for AD LDS operations. As you can see in Figure I, you can either use a network service account or you can specify a specific account.


Figure I: You must provide the wizard with a service account to be used for AD LDS operations.

Finally, you will have to grant either a user or group administrative privileges for the AD LDS instance. As you can see in Figure J, the wizard allows you to either use the current user or to manually specify a specific user or group name.


Figure J: You must delegate administrative privileges for the instance.

When you click Next, Windows will display a summary screen containing all of the configuration options that you have entered, as shown in Figure K. Take the time to read over this summary screen to make sure that everything is correct. Assuming that all is well, click Next and Windows will begin configuring the AD LDS instance. When the process completes, click Close to close the wizard.


Figure K: Take the time to read the summary screen to verify that the server will be correctly configured.
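
The choices made in Figures B through K can also be handed to AD LDS setup as an answer file, which is useful when the replica has to be built repeatably. The PowerShell below is an added example, not part of the original article; the instance name, ports, host name, partition DN and group are constructed placeholders, and the configuration set credentials are prompted for rather than stored in the script.

```powershell
# Added example: unattended replica install. Every value below is a placeholder.
$instance   = 'instance1'                  # Figure C: same name as the source instance
$ldapPort   = 50000                        # Figure D: local LDAP port
$sslPort    = 50001                        # Figure D: local SSL port
$source     = 'lds1.example.test'          # Figure E: FQDN of the existing instance's host
$sourcePort = 50000                        # Figure E: LDAP port of the existing instance
$partition  = 'CN=App,DC=example,DC=test'  # Figure G: partition to replicate
$ldsAdmins  = 'EXAMPLE\LdsAdmins'          # Figure J: group that will administer the replica

# Stop early if a chosen port is already bound, for example by a domain
# controller or another AD LDS instance on this server.
$ipProps = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
$bound   = $ipProps.GetActiveTcpListeners() | ForEach-Object { $_.Port }
foreach ($p in $ldapPort, $sslPort) {
    if ($bound -contains $p) { throw "Port $p is already in use on this server." }
}

# Figure F: prompt for the configuration set administrator instead of hard-coding it.
$cred = Get-Credential

# Data path and service account keys are left out so setup applies its defaults.
$answer = @"
[ADAMInstall]
InstallType=Replica
InstanceName=$instance
LocalLDAPPortToListenOn=$ldapPort
LocalSSLPortToListenOn=$sslPort
SourceServer=$source
SourceLDAPPort=$sourcePort
ApplicationPartitionsToReplicate="$partition"
Administrator=$ldsAdmins
SourceUserName=$($cred.UserName)
SourcePassword=$($cred.GetNetworkCredential().Password)
"@

# The file holds a clear-text password: keep it in the per-user temp directory
# and delete it whether or not setup succeeds.
$file = Join-Path $env:TEMP 'adlds-replica-answer.txt'
try {
    Set-Content -Path $file -Value $answer -Encoding ASCII
    $setup = Start-Process -FilePath "$env:windir\ADAM\adaminstall.exe" `
                 -ArgumentList "/answer:`"$file`"" -Wait -PassThru
    if ($setup.ExitCode -ne 0) { throw "adaminstall.exe exited with code $($setup.ExitCode)" }
} finally {
    Remove-Item $file -ErrorAction SilentlyContinue
}
```

If setup fails, its log is written to %windir%\debug\adamsetup.log.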

Conclusion

As you can see, it is relatively easy to create an AD LDS replica. In the next article in this series, I will discuss the replication process in more detail.


1 thought on “Configuring the Active Directory Lightweight Directory Service (Part 4)”

  1. As per step F, I am unable to get the administrator user name which has the replication permissions on the configuration set. Please help me find the user who has the replication privileges.
