An administrator has three tools that can be used to trigger Active Directory replication of either all directory partitions (contexts) or just a specified partition between a domain controller and one or all of its direct replication partners:
The Active Directory Sites and Services snap-in
RepAdmin command line utility
ReplMon GUI utility
As is typical for practically any administrative task, you can also use scripts (see example in Chapter 17, "Scripting Administrative Tasks").
Remember that the "source" server (DC) always replicates its changes to the "target" server (DC). Usually, you first select the target, then the source.
This snap-in allows an administrator to initiate replication of all configured directory partitions from each replication partner separately. Select a target DC from the Servers container of the applicable site and point to its NTDS Settings object. You can trigger replication from any server represented by a Connection object in the right pane (see example in Fig. 8.4). Select a connection and click Replicate Now in the context menu. You must wait until replication completes (with the "Active Directory has replicated the connections" message if successful).
Fig. 8.4: Triggering replication from a direct partner
All directory partitions configured for that partner are replicated. (You can see all their names — including application directory partitions — in a connection's Properties window.) You have no options to replicate one partition only.
With RepAdmin.exe, you replicate each directory partition separately and from one or all sources. (This command-line tool has the same functional capabilities as ReplMon, a GUI tool.) For example, to trigger replication for a destination server, you can use the following command:
C:\>repadmin /syncall netdc2.net.dom DC=net,DC=dom,
where netdc2.net.dom is the server DNS name, and DC=net, DC=dom is a partition name (the domain naming partition in this case).
The difference between this command and the operation shown in Fig. 8.4 is the following:
The command replicates only one partition, but from all partners.
In the snap-in window you replicate all partitions, but from one partner only.
To force replication in the entire domain (forest), you might write similar commands for each DC and all directory partitions to a command file, which will serve to fulfill total replication in the domain.
The repadmin /syncall serverName command replicates only one directory partition (the Configuration partition), and performing such a command is not enough to fully replicate the server specified.
The Windows .NET version of RepAdmin provides a new flag /A for the /syncall operations. The following command synchronizes all partitions stored on NETDC1 DC with all its replication partners:
C:\>repadmin /syncall netdc1.net.dom /A
The following command replicates one partition from one partner (specified by its GUID):
C:\>repadmin /sync DC=net,DC=dom netdc1.net.dom a10bc624-6d04-44e7-adf9-5ef4282efbb1
Normally, RepAdmin waits for replication to be completed. You can add the /async parameters to the command to start an operation and not wait for its completion.
RepAdmin will be described in detail in Chapter 11, "Verifying Network and Distributed Service."
A GUI tool, ReplMon.exe, provides an administrator with the following replication modes (from the most "global" to more granular ones) for a server specified:
Synchronize each directory partition with all replication partners (there are three additional options available with this mode)
Synchronize this directory partition with all replication partners
Synchronize this directory partition with this replication partner
You never need wait for a replication operation to complete, and all operation results are written to the log files.
RepAdmin is described in detail in Chapter 11, "Verifying Network and Distributed Service."
|Additional Replication Tools|| |
To force synchronization of replica sets managed by the File Replication Service (FRS), the contents of the SYSVOL volume, for example, use the ntfrsutl poll command. See details in Chapter 11, "Verifying Network and Distributed Services."
To synchronize a Windows 2000- or Windows .NET-based server that owns the PDC Emulator FSMO role with Backup Domain Controllers (BDCs) in a mixed-mode domain, use the NLtest.exe tool. See the /REPL, /SYNC, /BDC_QUERY, and other parameters of this tool. The LBridge.cmd command file from the Windows 2000 Server Resource Kit should be used for copying files from the System Volume (SYSVOL) share to the export directory on a Windows 4.0-based BDC.
You can write custom scripts that will initiate replication events in accordance with your own strategy. See, for example, Listing 17.17 in Chapter 17, "Scripting Administrative Tasks."