AD Sites and Services connectors question

[Neal]

Hi there.

We have five buildings connected by various speed WAN links from 64k to
512k. In each location we have a W2K AD domain controller. Each one is a
Global Catalog.

In AD S&S we created a site for each location, and a subnet for each. Then
we moved each server to the correct AD Site.

Everything started off well, but now we have replication issues. If I go to
a server and add a user with ADU&C it can appear on another server in a
couple of minutes, yet take an hour to show up on another one.

If I look in AD S&S at the connectors, I see in some cases one or two
'automatically generated' connectors. One of the servers has four
connectors, one for each of the other servers.

Why are there different numbers?

Should each server have a connector for each other one? I would have
expected to see each server make connectors for all the other ones.

Can I simply make manual connectors?

Will this help our problem of slow replication?

Regards, Neal

 

[Brian Desmond [MVP]]

Neal,

The KCC (knowledge consistency checker) in AD automaitcally generates
replication topology and creates the necessary connections. If you install
the Win2K support tools, a graphical rplication monitor is isntalled, I
think start>run>repmon will open it (or maybe replmon or replmon.msc). If
you think the KCC is wrong, you can delete the autogen'd connections and
creat your own. In general it does a good job, though.

--
--
Brian Desmond
Windows Server MVP
(e-mail address removed)12.il.us

Http://www.briandesmond.com

 

[Guest]

It doesn't sound like your replication is broken, or that you need to create manual links.
The KCC scales up to approximately 100 sites in Windows 2000, so in your configuration, it should do fine.
And it is normal to see some servers have more connection objects than others.

To test your replication speed - try this:

1. Install the 2000 Support Tools from the 2000 CD.
2. Go to Start, Programs, Windows 2000 Support Tools, Active Directory Replication Monitor.
3. Click Add Monitored Server in Replication Monitor (Replmon), and add the DC you are on.
4. Bring up AD Users & Computers (shortcut is Start, Run, dsa.msc)
5. Create a test user on the DC, and then switch over to Replication Monitor (replmon), right click the DC's name, and select Synchronize all Directory Partitions, on the dialog that comes up, select the bottom two check-boxes (Push changes and cross site boundaries), then ok it.

That will the test user to be replicated immediately to all DCs, regardless of what site they are in.
By default, 2000 only replicates every 3 hours to DCs in other sites.

To check if the other DCs got it, right click AD Users & Computers and select Connect to Domain Controller, which lets you see the copy of AD that resides on whatever DC you connect to.

Since you now have the Support Tools installed, you can also run DCDIAG and NETDIAG to gauge the health of the DC.

dcdiag /v > dcdiag.txt
dcdiag /v > netdiag.txt

Then bring up those text files and search on the words Error and/or Fail to see if there is anything wrong.

- Craig

 

[Neal]

Thanks, you've answered an important question I had, in that it doesn't
matter if I make my own.

(-:

 

[Neal]

Thanks for your advise and the detail in your answer. I'll work through it
step by step!

Regards, Neal Blackie

It doesn't sound like your replication is broken, or that you need to create manual links.
The KCC scales up to approximately 100 sites in Windows 2000, so in your

configuration, it should do fine.

And it is normal to see some servers have more connection objects than others.

To test your replication speed - try this:

1. Install the 2000 Support Tools from the 2000 CD.
2. Go to Start, Programs, Windows 2000 Support Tools, Active Directory Replication Monitor.
3. Click Add Monitored Server in Replication Monitor (Replmon), and add the DC you are on.
4. Bring up AD Users & Computers (shortcut is Start, Run, dsa.msc)
5. Create a test user on the DC, and then switch over to Replication

Monitor (replmon), right click the DC's name, and select Synchronize all
Directory Partitions, on the dialog that comes up, select the bottom two
check-boxes (Push changes and cross site boundaries), then ok it.

That will the test user to be replicated immediately to all DCs,

regardless of what site they are in.

By default, 2000 only replicates every 3 hours to DCs in other sites.

To check if the other DCs got it, right click AD Users & Computers and

select Connect to Domain Controller, which lets you see the copy of AD that
resides on whatever DC you connect to.

Since you now have the Support Tools installed, you can also run DCDIAG

and NETDIAG to gauge the health of the DC.

dcdiag /v > dcdiag.txt
dcdiag /v > netdiag.txt

Then bring up those text files and search on the words Error and/or Fail

to see if there is anything wrong.