Chapter 7. Managing Active Directory Replication
ALL DOMAIN CONTROLLERS (DCS) HOST A read/write copy of Active Directory. This simple statement opens a world of complexity. Keeping dozens or hundreds of replicas of the Active Directory database consistent and secure in the face of uncertain network conditions requires a good deal of ingenuity on the part of the developers and design savvy on the part of system administrators.
You need a detailed knowledge of replication operation before you can design an effective Active Directory architecture. Without making allowance for replication, you'll end up with domain controllers that never get in sync, clients that authenticate indiscriminately throughout the network, poor LDAP (Lightweight Directory Access Protocol) search performance, logon failures, and possibly even database corruption.