Missing Registry Key for Strict Replication

After running the the BPA on Server 2008 R2 we receive a warning under Active Directory Domain Services stating "Strict Replication consistency should be enabled on all domain controllers in this forest". After researching the issue there are two ways to correct this issue, one using repadmin and another by simply changing the value in the registry key, the issue we have is that the Registry key "HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Strict Replication Consistency" doesnt exist. The "strict replication consistency" entry is not under the parameters entry. Any thoughts?
mbb-lawAsked:
Who is Participating?
 
Mike KlineCommented:
You don't need to enter the key there just

repadmin.exe /regkey <dcname> +strict

Thanks

Mike
0
 
Mike KlineCommented:
You should be able to add it manually.  Haven't tested but if you enable it using repadmin dows it get created for you? (I've always done it using repadmin)

Thanks

Mike
0
 
netballiCommented:
It appears you are being informed that there are  tombstoned objects in your domain which are being replicated the

"HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Strict Replication Consistency" key prevent replication from a corrupt DC partners.

following link has better explanation.


http://blogs.dirteam.com/blogs/paulbergson/archive/2011/03/08/preventing-lingering-object-replication-in-active-directory.aspx
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Mike KlineCommented:
It is not telling him that he has tombstones, it is just saying to enable strict replication consistency (he is using the best practices analyzer)

Thanks

Mike
0
 
Todd GerbertIT ConsultantCommented:
It's not unusual for registry keys for not-so-common settings/options to not exist, I often see MS KB articles that instruct you specifically to create a registry key.

However,this KB article reads to me like there is one way to enable Strict Replication, which is to use repadmin - and registry info is just gee-whiz informational FYI stuff. I'd also note that the article states that repadmin changes two registry keys.

(Actually, the article says that to determine if Strict Replication is currently enabled you should use regedit and check the value of the key, but to actually change the setting you should use repadmin)
0
 
mbb-lawAuthor Commented:
Using Repadmin it states the command should be as follows:

repadmin /regkey <DC_LIST> {+|-}<key>

I have been unable to get this to work but may be entering this wrong, i am trying

repadmin /HKEY_LOCAL_MACHINE\SYSTEM\Current Control Set\Services\NTDS\Parameters * +strict

I must be missing something somewhere.
0
 
Todd GerbertIT ConsultantCommented:
No, "/regkey" is mean to be entered literally - not replaced with a registry key. You should type the following exactly:

repadmin /regkey * +strict

Open in new window

0
 
mbb-lawAuthor Commented:
That got it Mike, thanks all for your help!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.