It relies instead on the use of update sequence numbers (USNs) that are assigned by a counter that is local to each domain controller.

Because these USN counters are local, it is easy to ensure that they are reliable and never "run backward" (that is, decrease in value).

The trade-off is that it is meaningless to compare a USN assigned on one domain controller to a USN assigned on a different domain controller.

The replication system is designed with this restriction in mind.

The current USN is a 64-bit counter that is maintained by each Active Directory domain controller.

At the start of each update transaction (originating or replicated) on a domain controller, the domain controller increments its current USN and associates this new value with the update request.

But keeping time closely synchronized in a large network is essentially impossible. And with some systems, unless time is perfectly synchronized among all copies of the directory, there is a chance for data loss or directory corruption.

Active Directory replication does not depend on time to determine what changes need to be propagated.

But if the attribute is updated twice on domain controller A and once on domain controller B, the update of domain controller A wins even if the clock of domain controller B is set forward to December 31, 9999.

