AD Sync between two Sites



  • Active Directory Replication is something new to me. Previous Server systems I have maintained have not needed to have replication as they were only one system.

    I am looking into why replication is failing between two sites. It was working, stopped, was addressed by another person and now seems to have stopped again.

    Unless I am not waiting long enough for replication to occur.

    What/Where should I start to look to try to isolate why the replication didn't occur?



  • A screen shots of the error message would be a very good start.

    I once had replication issue before, but that was due to AD on one of the server contain lingering object. Not sure if it is the same as what you are experiencing or not.



  • You may want to look into the repadmin command. This will give you an insight into how the replication is working. I think it can even output log files associated with AD replication.



  • @LAH3385 I guess a better question for you is: How did you know, or realized, AD replication has stop working?



  • Network connectivity is a big factor. How fast is it, how reliable is it.



  • @LAH3385 said:

    @LAH3385 I guess a better question for you is: How did you know, or realized, AD replication has stop working?

    Created User on one side of AD,.. checked the other side, User was NOT there.



  • @gjacobse said:

    @LAH3385 said:

    @LAH3385 I guess a better question for you is: How did you know, or realized, AD replication has stop working?

    Created User on one side of AD,.. checked the other side, User was NOT there.

    long distance replication can take over 15 mins to happen.



  • @coliver said:

    You may want to look into the repadmin command. This will give you an insight into how the replication is working. I think it can even output log files associated with AD replication.

    reposted

    here are some additional notes
    https://technet.microsoft.com/en-us/library/cc794749(v=ws.10).aspx?f=255&MSPPError=-2147217396



  • @Dashrender said:

    @gjacobse said:

    @LAH3385 said:

    @LAH3385 I guess a better question for you is: How did you know, or realized, AD replication has stop working?

    Created User on one side of AD,.. checked the other side, User was NOT there.

    long distance replication can take over 15 mins to happen.

    I expected as much.

    It's been a hour now.



  • @gjacobse said:

    @Dashrender said:

    @gjacobse said:

    @LAH3385 said:

    @LAH3385 I guess a better question for you is: How did you know, or realized, AD replication has stop working?

    Created User on one side of AD,.. checked the other side, User was NOT there.

    long distance replication can take over 15 mins to happen.

    I expected as much.

    It's been a hour now.

    what does repadmin tell you?



  • C:\Windows\system32>repadmin /showrepl
    
    Repadmin: running command /showrepl against full DC localhost
    DomainName \Srvr-DC3
    DSA Options: IS_GC
    Site Options: (none)
    DSA object GUID: 1a460929-6e4c-4fc3-8377-5ef3b92b422d
    DSA invocationID: d85ce1be-42cb-423c-9187-1135bcf58f94
    
    ==== INBOUND NEIGHBORS ======================================
    
    DC=Domain Name,DC=com
        Default-First-Site-Name\Srvr-DC2 via RPC
            DSA object GUID: xxxxxxx-xxxx-xxxx-xxxx-f589d72ba337
            Last attempt @ 2016-02-24 10:03:26 was successful.
    
    CN=Configuration,DC=Domain Name,DC=com
        Default-First-Site-Name\Srvr-DC2 via RPC
            DSA object GUID: xxxxxxx-xxxx-xxxx-xxxx-f589d72ba337
            Last attempt @ 2016-02-24 10:03:26 was successful.
    
    CN=Schema,CN=Configuration,DC=Domain Name,DC=com
        Default-First-Site-Name\Srvr-DC2 via RPC
            DSA object GUID: xxxxxxx-xxxx-xxxx-xxxx-f589d72ba337
            Last attempt @ 2016-02-24 10:03:27 was successful.
    
    DC=DomainDnsZones,DC=Domain Name,DC=com
        Default-First-Site-Name\Srvr-DC2 via RPC
            DSA object GUID: xxxxxxx-xxxx-xxxx-xxxx-f589d72ba337
            Last attempt @ 2016-02-24 10:03:27 was successful.
    
    DC=ForestDnsZones,DC=Domain Name,DC=com
        Default-First-Site-Name\Srvr-DC2 via RPC
            DSA object GUID: xxxxxxx-xxxx-xxxx-xxxx-f589d72ba337
            Last attempt @ 2016-02-24 10:03:27 was successful.
    

    looking to force replication now.



  • I think it is

    repadmin /replicate DC1 DC2 dc=domain,dc=com


  • Everything looks good - I've heard of replication taking up to 4 hours before.



  • It just occurred to me... does it matter which end this is performed from?



  • @gjacobse you may want to check your site link replication schedule. The default is 180 minutes. You can drop it down to 15 minutes



  • @coliver said:

    repadmin /replicate DC1 DC2 dc=domain,dc=com

    So I have have limited success.. but success was made. I the user I created on the other end,.. is now on the local AD.

    I'll look at this more,.. but think it's otherwise solved.