Sync a partition from one DC to another DC when they don't have a direct replication link. And other Repadmin fun...
REPADMIN /ADD
I've shown you the beauty of REPADMIN /REPLSUM * /BYSRC /BYDEST /SORT:ERROR to easily find out the largest replication deltas in your forest. Lets take a look at a couple of other things you can do with repadmin, that I use quite a bit.
When I was running the DCs, it was not an uncommon occurrence for me to investigate and troubleshoot and issue locally here in Redmond even though the user account that was affected was located on the other side of the world. Why? Because time is money, and I like low latency when I'm TS'ing to a DC, or poking around in the directory over the network.
Well we could wait a couple of hours for the forest to converge, but usually that person waiting for you to fix the error is at a work stoppage until it is fixed, so what can we do?
We can sync two DCs that are not normally replication partners! Disclaimer: Even though I used this technique for over two years in production without issue, I make no guarantees.
First off you have to open the wonderful world of experthelp: repadmin /experthelp. We're looking for the add switch but you can see there is other fun commands in here for removing lingering objects and rehosting partitions.
Here's the command:
repadmin /add dc=dom,dc=forest,dc=test JAPAN-DC-01.dom2.forest.test REDMOND-DC-01.dom.forest.test /readonly
This will create a one-time replication link between the two DCs, sync the partition I've specified, and then delete the replication link. If you're syncing a GC partition, then use the /readonly switch which I've done above. I'm sure you'll find a use for this, if your managing a large enterprise with a lot of DCs.
REPADMIN /SYNCALL
Another one of my favorites: Repadmin /syncall /edjQSA (case sensitive)
What if you wanted to sync every partition on a DC/GC with each of its adjacent partners, no matter if those partners were local or over wan links? Basically you made some changes and now you want to sync them up so that you don't have to wait for replication? If you run "Repadmin /syncall /?" you can see the syntax breakdown of the command.
Before sync, you can see the delta for this Dc and it's partners is ~39 minutes.
C:\>repadmin /replsum BRAD-dc-01
Replication Summary Start Time: 2007-04-20 15:32:07
Beginning data collection for replication summary, this may take awhile:
....
Source DSA largest delta fails/total %% error
SONJA-DC-01 39m:22s 0 / 4 0
SONJA-DC-04 39m:22s 0 / 11 0
BRAD-DC-02 39m:22s 0 / 13 0
BRAD-DC-14 39m:22s 0 / 5 0
BRAD-DC-15 39m:22s 0 / 13 0
BRAD-DC-27 39m:22s 0 / 13 0
BRAD-DC-36 39m:22s 0 / 13 0
BRAD-DC-38 21m:52s 0 / 13 0
Destination DSA largest delta fails/total %% error
BRAD-DC-01 39m:22s 0 / 85 0
Use the command to sync
C:\>repadmin /syncall BRAD-dc-01 /edjQSA
Syncing all NC's held on BRAD-dc-01.
Syncing partition: DC=DomainDnsZones,DC=red,DC=dom,DC=forest,DC=test
Syncing partition: DC=ForestDnsZones,DC=dom,DC=forest,DC=test
Syncing partition: DC=red,DC=dom,DC=forest,DC=test
Syncing partition: CN=Schema,CN=Configuration,DC=dom,DC=forest,DC=test
Syncing partition: CN=Configuration,DC=dom,DC=forest,DC=test
Syncing partition: DC=midway,DC=dom,DC=forest,DC=test
Syncing partition: DC=afr,DC=dom,DC=forest,DC=test
Syncing partition: DC=sp,DC=dom,DC=forest,DC=test
Syncing partition: DC=eu,DC=dom,DC=forest,DC=test
Syncing partition: DC=fur,DC=dom,DC=forest,DC=test
Syncing partition: DC=st,DC=dom,DC=forest,DC=test
Syncing partition: DC=nwd,DC=dom,DC=forest,DC=test
Syncing partition: DC=can,DC=dom,DC=forest,DC=test
Now you can see the delta for all the partners is near zero.
C:\>repadmin /replsum BRAD-dc-01
Replication Summary Start Time: 2007-04-20 15:32:20
Beginning data collection for replication summary, this may take awhile:
....
Source DSA largest delta fails/total %% error
SONJA-DC-01 :03s 0 / 4 0
SONJA-DC-04 :03s 0 / 11 0
BRAD-DC-02 :04s 0 / 13 0
BRAD-DC-14 :04s 0 / 5 0
BRAD-DC-15 :04s 0 / 13 0
BRAD-DC-27 :03s 0 / 13 0
BRAD-DC-36 :04s 0 / 13 0
BRAD-DC-38 :04s 0 / 13 0
Destination DSA largest delta fails/total %% error
BRAD-DC-01 :05s 0 / 85 0
Technorati tags: Active Directory, DS, Windows, Windows 2003, AD
Comments
- Anonymous
September 15, 2010
How can you determine your forest convergence time? The time it takes say for a new user account to be on every DC???