Enable Change Notifications between Sites – How and Why?
Hello all, hope you guys are doing great. Today, I wanted to write a little about Change Notification, why you ask? Simply because one of my customer had a number of questions on what it is, why it’s there and what can be done to enable it for site links.
So, l will try to answer the 3 questions here.
First, what is Change Notification? Change Notification is the interval between an originating update on a domain controller and notification of this change to its partners. When this interval elapses, the domain controller initiates a notification to each intra-site replication partner that it has changes that need to be propagated. Another configurable parameter determines the number of seconds to pause between notifications to other partners if any. This parameter prevents simultaneous replies by the replication partners.
There are two values for the interval – one for the first partner, and other for the subsequent partners. When a change is made on a Domain Controller’s Active Directory database, before the change is replicated, the DC waits for a specific period of time before sending the Change Notification to its first partner, and then waits for another period of time before sending the Change Notification to another partner, this process continues until all partners are notified.
For intra-site replication partners, a DC waits 15 seconds (300 in W2K) before notifying its first replication partner and then another 3 seconds (30 in W2K) before sending this change notification to subsequent partners. These intervals can be modified by the below DWORD values in the registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
Replicator notify pause after modify (secs)
and
Replicator notify pause between DSAs (secs)
These DWORD values control how long to wait before sending the Change Notification after a modify operation on a Domain Controller to its first partner and then all subsequent partners in the same site. But what about my Domain Controllers in other sites?. We know that replication honors Replication Intervals set on the Site Link between two sites and the minimum interval that can be set via the AD Sites and Services snapin is 15 minutes. What if your environment can afford to enable these change notifications between your sites or specific sites because you have a large amount of bandwidth. For this you can enable Change Notifications between sites as well. To do this:
1. Open ADSIEdit.msc.
2. In ADSI Edit, expand the Configuration container.
3. Expand Sites, navigate to the Inter-Site Transports container, and select CN=IP.
Note: You cannot enable change notification for SMTP links.
4. Right-click the site link object for the sites where you want to enable change notification, e.g CN=DEFAULTSITELINK, click Properties.
5. In the Attribute Editor tab, double click on options.
a. If the Value(s) box shows <not set>, type 1
b. If the Value(s) box contains a value, you must derive the new value by using a Boolean BITWISE-OR calculation on the old value, as follows: old_value BITWISE-OR 1. For example, if the value in the Value(s) box is 2, calculate 0010 OR 0001 to equal 0011. Type the integer value of the result in the Edit Attribute box; for this example, the value is 3.
6. Click OK.
See PowerShell Script to Enable Change Notification @ https://gallery.technet.microsoft.com/scriptcenter/61cb88bb-8c61-477f-834e-79ed0c153669
or VBScript to Enable Change Notification for Site Links @ https://gallery.technet.microsoft.com/scriptcenter/390b54d2-cd49-4f46-92e0-c22ff6f25f1c
With Change Notification enabled between sites, changes propagate to the remote site with the same frequency that they are propagated within a site. The advantage of enabling Change Notification between sites are little to no conflicts. As a matter of fact, I have yet to see a Conflict object (will discuss some other time) between DCs in different sites if Change Notification is enabled between those sites. Plus if there are a lot of changes being made, these changes will not be queued up as they will be replicated with the same frequency as the domain controllers in the DC’s own site. What about disadvantage? Is there one? Well sure, it’s a possible and potential replication storm as all the domain controllers are part of the Change Notification intervals.
But what about compression? Replication within a site for AD is not compressed, while in remote sites, replication data is always compressed to take advantage of the low speed links and intervals set between them. So if you are one of those environments that are enjoying the fruits of enabling Change Notification between sites and would like to replicate data uncompressed vs. compressed, then here is another tip.
The value of Options attribute that we modified above, if the value is 1, then Change Notification is enabled with compression; and if you change the value to 5, then Change Notification is enabled without compression, hurrah J