Any of the following situations may occur with Active Directory replication:
- A replication connection object to a domain controller, either in the same domain or a trusted domain, is not created because the remote domain controller is not listed in the Active Directory Sites and Services Find Domain Controllers dialog box.
- A replication connection is not automatically established between a local domain controller and a remote domain controller, either in the same or a trusted domain, because the necessary NTDS Settings object does not appear for the server in the Active Directory Sites and Services administrative tool.
The Knowledge Consistency Checker (KCC) in Windows 2000 automatically generates an intrasite and intersite replication topology by default. It is able to do so by reading the DSA objects in the Active Directory Configuration partition. These objects, identified in the Active Directory Sites and Services administrative tool as NTDS Settings objects underneath each server, identify that particular server as a domain controller and contain specific data that is used in configuring replication between domain controllers.
It is important to understand the difference between a replication link and a replication connection. Replication connections (those objects viewed as child objects to NTDS Settings objects in Active Directory Sites and Services) are created by the KCC as definitions about how the replication topology should mesh (and more importantly, why). Replication links are a result of the KCC-generated connection object and are used by Windows 2000 to trigger replication and maintain the status of replication between two domain controllers (that is, replication links actually control Active Directory replication, not replication connections). Replication links are stored as data in an attribute of the directory partition and are only viewable through Active Directory editing tools.
This article discusses how to manually add a replication link in the event a connection object cannot be created.
Repadmin.exe is a command-line tool from the Microsoft Windows 2000 Resource Kit that is included with the Support tools, which you can install from the Support\Tools folder of the Windows 2000 Server or Professional CD-ROM. You can use this tool to manually create a replication link that Windows 2000 will use to replicate over. In the absence of an NTDS Settings object for a particular replication partner in the Configuration partition of Active Directory, you can use Repadmin to specify the data that would otherwise be retrieved automatically by the KCC.
To add a replication link to another domain controller:
- Determine the Globally Unique Identifier (GUID) of the remote server to act as the "source" domain controller. The source domain controller is the computer from which changes are replicated. To determine this value, see the following article in the Microsoft Knowledge Base:
The value should look like the following (but will not contain the same number and character combination):
Determining the Server GUID of a Domain Controller
- On the domain controller that needs to receive the replicated changes (also known as the "destination" server), run the following command
repadmin /add context destination source
where context is the LDAP distinguished name (DN) of the partition of the directory to be replicated, destination is the fully qualified domain name (FQDN) of the local domain controller to receive the changes, and
source is the fully qualified path to the CNAME record in DNS for the source domain controller, or the fully qualified DNS name of the source domain controller. If the server's GUID is used, the following syntax is required:
An example of the Repadmin syntax with the required parameters might be:
repadmin /add cn=configuration,dc=mydomain,dc=com ServerOne.mydomain.com e99e82d5-deed-11d2-b15c-00c04f5cb503._msdcs.mydomain.com
In this example, the GUID for ServerOne is "402ef1b7-b445-469f-bec2-f2663a09b415"; "e99e82d5-deed-11d2-b15c-00c04f5cb503" represents another domain controller in the same domain.
An example of the Repadmin syntax using the fully qualified DNS host name might be:
repadmin /add cn=configuration,dc=mydomain,dc=com ServerOne.mydomain.com
- After you create the replication link, force a replication cycle by running the following command on the destination domain controller:
repadmin /sync context destination source GUID only
repadmin /sync cn=configuration,dc=mydomain,dc=com ServerOne.mydomain.com e99e82d5-deed-11d2-b15c-00c04f5cb503
- Use the repadmin /showreps command or Active Directory Replication Monitor (Replmon) to confirm that replication successfully occurred.
To expand the online Help for the parameter syntax, use the following command: