Does ANYONE's 2003 DC Intrasite replicate under 15 mins!!??!

[Laura A. Robinson]

circa Tue, 28 Oct 2003 21:19:28 GMT, in
microsoft.public.win2000.active_directory, K Berrien
([email protected]) said,

Before we go there, let's talk DNS.

What kind of DNS info would be helpful. I checked my DNS
configurations today, and I have what appear to be proper records.
Didn't have time to dig out any documentation and compare...

but.. for instance, my site info seems correct. Both servers in terms
of DNS, are within the same site - if they were not, perhaps why I'm
having my problems.

cityofx.org
_sites
Mysitename
_tcp
_gc Service Location (SRV) [0][100][3268]
westfile.cityofX.org.
_gc Service Location (SRV) [0][100][3268]
westnet.cityofX.org.
_kerberos Service Location (SRV) [0][100][88]
westfile.cityofX.org.
_kerberos Service Location (SRV) [0][100][88]
westnet.cityofX.org.
_ldap Service Location (SRV) [0][100][389]
westfile.cityofX.org.
_ldap Service Location (SRV) [0][100][389]
westnet.cityofX.org.

This is one of those situations where I'd want to see the environment
and do some digging, unfortunately. Joe's idea about deleting the
connection objects is probably a wise one. Also, restart the netlogon
service on the DCs and clear out the DNS server and client caches on
the DCs. You haven't made any schema modifications by any chance,
have you? Are these upgraded 2000 DCs? (You may have already told us
whether or not they are, but I can't recall and am too lazy to re-
read the whole thread. <G>)

Laura

 

[Laura A. Robinson]

circa Sun, 26 Oct 2003 15:12:15 GMT, in
microsoft.public.win2000.active_directory, K Berrien
([email protected]) said,

My origional site had 3 subnets, so I moved the DC's to a hypothetical
site DATACENTER and only attached one subnet (which the machines are
on), still doesn't work...

What did your subnet definitions look like?

So I tried set nc replicate notification delay DC=mydomain,DC=org
30 60 and played with that. still doesn't work...

You set this where?

Laura

 

[K Berrien]

repadmin /showmeta cn=objectname,ou=whereat,dc=domain,dc=com domaincontroller

Also you want LDAP dumps of the object from both DC's. You can use ldp from MS or my adfind (www.joeware.net on the free
win32 c++ tools page). Using adfind it would look like

adfind -h domaincontroller -b cn=objectname,ou=whereat,dc=domain,dc=com -s base

Ok, will give all this a try and report back.

Also another suggestion that I thought I made somewhere else but can't find it is to spin up a third domain controller
and see what it replicates like.

This I'd like to do, unfortunately, time does not exist. Of course,
besides this project, I still have my regular duties to perform

Also yet another suggestion would be to blow away the connection objects between the DC's and let the machines reconnect
themselves. Maybe there is a bad value in the connection objects?

How would I do that? Use the graphical based replication tool, and
break the links (lines) between DC's? Sorry, don't have the 2k3 box
here to look at, only my 2k test box at home, without another DC.

 

[K Berrien]

circa Sun, 26 Oct 2003 15:12:15 GMT, in
microsoft.public.win2000.active_directory, K Berrien
([email protected]) said,

What did your subnet definitions look like?

I had a site created, for the building. This building has 3 subnets.
Thus, I had 3 subnets linked to this site. subnets as
172.20.2.0/255.255.255.0, etc...

Since I had 3 subnets to one site, where my DC's were I created a site
for our office, linked the subnet the DC's reside on (removed from
building site) and moved the DC's into there.. just to see.

You set this where?

At command line using ntdsutil

set nc replicate notification delay <DirectoryPartition> <delaysec>
<additional delaysec for remaining dc's>

So I did:

set nc replicate notification delay DC=mydomain,DC=org 30 60

 

[K Berrien]

Also, restart the netlogon
service on the DCs and clear out the DNS server and client caches on
the DCs.

How to clear the client cache?

You haven't made any schema modifications by any chance,
have you?

No, that would be beyond my AD knowledge at this point....

Are these upgraded 2000 DCs? (You may have already told us
whether or not they are, but I can't recall and am too lazy to re-
read the whole thread. <G>)

These are virgin installs of Win2k3.

 

[Joe Richards [MVP]]

On the time comment, you have spent quite a bit on it already, I would expect this would take little time and if it
clears the problem, you have a path to follow to correct.

Use dssite.msc to remove the current connections.


--
Joe Richards
www.joeware.net

--

repadmin /showmeta cn=objectname,ou=whereat,dc=domain,dc=com domaincontroller

Also you want LDAP dumps of the object from both DC's. You can use ldp from MS or my adfind (www.joeware.net on the free
win32 c++ tools page). Using adfind it would look like

adfind -h domaincontroller -b cn=objectname,ou=whereat,dc=domain,dc=com -s base

Ok, will give all this a try and report back.

Also another suggestion that I thought I made somewhere else but can't find it is to spin up a third domain controller
and see what it replicates like.

This I'd like to do, unfortunately, time does not exist. Of course,
besides this project, I still have my regular duties to perform

Also yet another suggestion would be to blow away the connection objects between the DC's and let the machines reconnect
themselves. Maybe there is a bad value in the connection objects?

How would I do that? Use the graphical based replication tool, and
break the links (lines) between DC's? Sorry, don't have the 2k3 box
here to look at, only my 2k test box at home, without another DC.

 

[K Berrien]

Time at work is different from time at home. My work here, and
research, etc.. has been at home. Time at work has been checking,
testing. But, nothing everyone else doesn't already know.

 

[K Berrien]

Issue RESOLVED! Per Joe's suggestion, purging my connections, and
allow them to automatically be recreated did the trick. Changes made
on one box now are reflected in under 1 min!

My biggest thanks to Joe, Laura, Trond, and Matjaz for taking time to
assist me in solving this issue. Have some of that left over
Halloween candy on me, and don't feel guilty!

 

[Joe Richards [MVP]]

LOL. Glad we could help you out K.