Active Directory Replication is a way to keep all your DC's in sync with each other and aware of the changes which Admins make on individual DC's across sites/domains etc.
Keeping a check on replication is the first step to a healthy infrastructure and should be followed religiously.
Keeping a check on replication is the first step to a healthy infrastructure and should be followed religiously.
AD Replication is instrumental in making group policies work across sites/domains and many such important tasks.
One of the very common reasons for AD Replication to fail is DNS; if DNS is not healthy AD Replication will never work properly thus DNS is the backbone for AD Replication. Some of the points that should be checked for DNS are (1) Checking the NIC Binding order (2)Checking if the DC's are pointing to themselves or an ISP for the Primary/Secondary DNS the ideal configuration being to point Server A for primary DNS to Server B, and for Secondary to Itself & Vice Versa.
Check for DNS issues in event viewer and also while you run netdiag /v, netdiag /fix can certainly help resolving few errors.
Packet drops are also a major reason for Replication to fail so make sure the settings such as MTU size across firewalls/routers are correct.
Command to check at what Packet Size we can ping :- ping IP_Address -f -l 1472 (default packet size)
By keeping a good watch Replication errors can be kept at bay.
No comments:
Post a Comment