Hi, I have a Domain Controller on Win2k3. I want to replicate my AD on a 2nd server, but I only want to replicate the objects added, dismissing objects deleted, moved or changed, how can i do this?

Posted on 2008-10-14
Last Modified: 2013-11-21
Hi, I have a Domain Controller on Win2k3. I want to replicate my DC and AD on a 2nd server, but I only want to replicate the objects added, dismissing objects deleted, moved or changed, how can i do this? I had read about the replication triggers, but I couldn't find a mode (if it exist) to select or enable the triggers I want to have active. Thanks for any help you can provide me!
Question by:ale_1
  • 3
  • 2
LVL 70

Expert Comment

ID: 22709555
Are you talking about replicating DATA or active directory. If its active directory then ALL changes are replicated - this is the way it works and you cannot change it - its a multi-master database.

Author Comment

ID: 22709620
I'm talking about replicating Active Directory. If there is no way of doing it, can at least program the replications to be done only when i choose to? for example, at the end of the day, week or month activating a command or something like that? thank a lot!
LVL 70

Expert Comment

ID: 22709693
Active directoty is not designed to work like this - all Active Directory DCs fully replicate with each other.

If you have multiple sites then you can schedule when replication will occur between sites but I'm not sure thats what you reaaly want to do - what are you hoping to achieve by staggering replcation?

Author Comment

ID: 22709750
The reason is we had an strange situation a few days ago when an entire OU disappeared, and recovering from the tombstone of AD was a laborious task because of the stripping windows does on the objects that are sent there. We have an extra server unmounted, so we thought to put it back to activity as a standby DC, getting updated only with the additions, and in a case like the one we had, set the standby DC as the primary while we work in the old one. Anyway, it was an idea we had, but I'm open to any ideas anybody can suggest.
LVL 70

Accepted Solution

KCTS earned 250 total points
ID: 22709763
Attempting to control replication is NOT the way to go, you need to make regualr backups of active directory so that if necessary you can do an authorative restore - AD ins included in the System State.

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Know what services you can and cannot, should and should not combine on your server.
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question