Windows 2003 Server USN Differ

Posted on 2006-06-01
Medium Priority
Last Modified: 2008-01-09
I have two domain controllers in my domain.  On the first dc I promoted, the Current: and Original: Update Sequence Numbers (USNs) are 4411.  This dc holds all roles.  The second dc has the Current: and Orginal: Update Sequence Numbers (USNs) of 8258.  I found this by going to ADUC, went to the View tab and selected Advanced Features, selected System, then DomainUpdate, the right-clicked Windows2003Update and selected properties.  My question is, should the USN numbers match on both controllers?  Should both dc1 and dc2 either have 4411 or 8258?  Or can these be different.  I am asking this because I am trying to install exchange 2003 standard and I thought I read where these numbers should match.  Other than that, I am not getting any event viewer errors in either Directory Service or File Replication Service and the system seems to be working well.  No other problems or quirks have been reported.  FYI, I am not installing exchange on a dc, I have another computer that I will install it on.  
Question by:rpsne
LVL 48

Assisted Solution

Jay_Jay70 earned 1000 total points
ID: 16811896
Hi rpsne,

mine dont match and exchange runs perfect - where did you read this?

Expert Comment

ID: 16811901

Accepted Solution

mvvinod earned 1000 total points
ID: 16812106
Each object in AD has a USN number, kinda like a counter. Whenever you update a object, it increments the counter so other DC can recognize which is the new value for that object and update it accordingly. The whole AD itself has like a USN number. Same purpose.

Your USN numbers will NEVER match between any domain controllers because as things change in network, USN number keeps changing and replication tries to catch up with it. Even if a user tries a wrong password, usn number is changed coz now the field "unsuccesful password attempts" is increased and other domain controller has to know about it to track the exact number of incorrect password attempts.

The way you have to check of replication USN is like this..
 Install support tools.
Open command prompt, type
repadmin <dcname> /showutdvec dc=domainname,dc=com

This will output the USN number of different DC's. Now do the same from another DC.

What you have to compare is the version difference between DC's. In the first command, look for USn number of server you used. Compare this number with USN of same server when you run this command in another server.

Try this and see how close this is. This tells you if there are replication issues...

Also exchange doesnt care if USN are different in DC's. BUt make sure you run adprep and domain prep on schema master and domain naming master reapectively.. It is very important...



Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question