Solved

NTDS Settings in Sites And Services - General Questions

Posted on 2006-10-27
2
522 Views
Last Modified: 2008-02-01
I have a WINDOWS 2003 network, I have several sites and I need to setup a replication plan for the DCs.

Im not certain that I fully understand the role the NTDS in the Sites and Services.


I have a main site, which hosts 2 DCs, one being the Domain Master.

Then I have a group of 4 dept offices, connected to the main site via wireless each dept with there own DC.

Then I have a group of 5 dept offices, connected to the main site via VPN over DSL/Cable line.

The DC's in the Main site can ping all DCs in the domain.

The DC's in the Wireless can ping all DC's in the Main Site and All DC's in the Wireless Site, but can not ping any of the DC's in the VPN sites.

The DC's in VPN can only ping the main site.

Each dept/site had its own subnet.

I did not originally setup this network, and when I origiinally accepted this job, I was told that all DCs in the domain had connectivity to all other DCs the enterprise.

In sites and services I setup a subnet for each subnet on the wan, setup a site for each subnet and associated that with the correct subnet, then I moved the DC's for each site into the correct subnet.

If I got into the NTDS setting for each DC's there are several DCs listed there, no pattern, some have all the DC's, other have a few DCs.

Its my understanding that I need to setup the replication partners for each DC in this area, this is what I did.

I setup the DC's on the MAIN site to replicate to all DCs in the domain.
I setup the DC's on the Wireless to replicate to the DC's in the MAIN location and the DCs on the Wireless.
I setup the DC's on the VPN to replicate only to the DC's in the MAIN.

Am I going about this in the correct way?
After making these changes, I checked back 1/2 hour later and several of the DC have not been replicated, do I need to restart each DC?
Any additional Information would be greatly appriciated.

thanks
Steve
0
Comment
Question by:AccessYourBiz_Com
2 Comments
 
LVL 9

Accepted Solution

by:
dooleydog earned 500 total points
ID: 17820488
you can just let the ISTG (InterSite Topology Generator) do it, but if you want specific servers to replicate, you can manually set up replication by adding a connection object to the server you want to replicate to.

If you want to set up a manual replication topology, i would suggest a hub and spoke system, or let the branch offices replicate with the HQ or central office, and then back out as necessary.

If you want to do it manually, you will need to turn off the ISTG.

http://www.microsoft.com/technet/community/columns/profwin/pw0503.mspx

http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/activedirectory/maintain/opsguide/part1/adogd06.mspx

here are two links to help.

Good Luck,

0
 
LVL 3

Author Comment

by:AccessYourBiz_Com
ID: 17836033
thanks for the help, where do I turn off the ISTG, im still not getting replication working, when I run dcdiag im getting errors on the KCCevent and Sysvol:

Starting test: frssysvol
         There are errors after the SYSVOL has been shared.
         The SYSVOL can prevent the AD from starting.
         ......................... 65MAPLE passed test frssysvol
      Starting test: kccevent
         An Warning Event occured.  EventID: 0x8000061E
            Time Generated: 10/30/2006   10:23:16
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC000051F
            Time Generated: 10/30/2006   10:23:16
            (Event String could not be retrieved)
         An Warning Event occured.  EventID: 0x8000061E
            Time Generated: 10/30/2006   10:23:16
            (Event String could not be retrieved)
         An Error Event occured.  EventID: 0xC000051F
            Time Generated: 10/30/2006   10:23:16
            (Event String could not be retrieved)
         ......................... 65MAPLE failed test kccevent
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question