Some questions about replication partners in Active Directory

Hello Active Directory Experts,

I have some replication questions that I’m hoping you can answer.  Our Active Directory has two sites (the first site is Flg and second site is Page).  The Flg site has three domain controllers.  The names of the domain controllers in the Flg site are:  DC3, DC7 and DC9.  All of these domain controllers are running Windows Server 2008.  The Page site currently has four domain controllers.  The names of the domain controllers in the Page site are:  DC1, DC2, DC 10 and DC11.  Two of these domain controllers are Server 2008 (DC10 and DC11).  The other two (DC1 and DC2) are Server 2003.

If I open Active Directory Sites and Services, I see the following information:

DC3
Name                                        From Server      From Site        Type
<automatically generated>      DC9                 Flg                       connection
<automatically generated>      DC1                 Page               connection
<automatically generated>      DC7                 Flg                       connection
DC10                                         DC10                 Page               connection

DC7
Name                                        From Server      From Site        Type
<automatically generated>      DC9                 Flg                       connection
<automatically generated>      DC3                 Flg                       connection

DC9
Name                                        From Server      From Site        Type
<automatically generated>      DC7                 Flg                       connection
<automatically generated>      DC3                 Flg                       connection          

DC1
Name                                        From Server      From Site        Type
<automatically generated>      DC2                 Page               connection
<automatically generated>      DC11                 Page               connection

DC2
Name                                        From Server      From Site        Type
<automatically generated>      DC1                 Page               connection
<automatically generated>      DC7                 Flg                   connection
<automatically generated>      DC10                 Page               connection

DC10
Name                                        From Server      From Site        Type
<automatically generated>      DC11                 Page               connection
<automatically generated>      DC2                 Page               connection
DC3                                     DC3                 Flg                  connection

DC11
Name                                        From Server      From Site        Type
<automatically generated>      DC1                 Page               connection
<automatically generated>      DC10                 Page               connection

I powered off DC1 and DC2 in the Page site.  At that point, replication between Flg and Page was not happening.  At that point, I manually created the connections named DC10 (see config for DC3) and DC3 (see config for DC10).  I tried to do a manual replication after creating this connection, but replication didn't work (I think I didn't wait long enough).  At that point in time, I turned DC1 back on and did a manual replication (that did work).  Here are my questions:
1.  If I make a manual connection (in AD Sites and Services), how long does it take for that to become active?
2.  How long does it take Active Directory to recognize that domain controllers are offline and regenerate replication partners?
3.  If I were to demote DC1 and/or DC2, would the demotion trigger an immediate regeneration of the replication partners?
LVL 1
ndalmolin_13Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
I powered off DC1 and DC2 in the Page site.  At that point, replication between Flg and Page was not happening.

The reason for this is because DC2 is the Bridge Head server for Page Site. When you powered this server off inter-site replication stops working. The bridgehead server will not regenerate a connection if you have listed DC2 as the Preferred Bridge Head Server.

If I make a manual connection (in AD Sites and Services), how long does it take for that to become active?
This depends on your Inter-Site replication interval (15 minutes max). The connection also needs to be made on the other end as well. Meaning if you opened Sites and Services on DC10 (created the connection to DC3), you will then need to go to DC3 open AD Sites and Services and create a manual connection from DC3 to DC10.

If I were to demote DC1 and/or DC2, would the demotion trigger an immediate regeneration of the replication partners?

That is correct. As long as you do not have any manually created connections or preferred bridge head servers the regeneration happens automatically when the KCC (knowledge consistency Checker) is initiated.

You can speed up this process as well from AD Sites and Services using "Check Topology" or using repadmin /syncall

Just remember that any manually created connections are completely ignored by the Knowledge Consistency Checker (KCC). It is always a good idea to allow the KCC to auto create connections for you, so it will create new connections if the DC is offline for a period of time.

Will.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
compdigit44Commented:
Will Szymkowski, how can you tell DC2 is a bridge head server??? Or am I missing this in the original question.  I am always trying to learn
0
ndalmolin_13Author Commented:
Hello All,

First of all, thank you will for your explanation.

I checked our configuration and we do not have a bridge head server configured.  Is this done automatically?
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Will SzymkowskiSenior Solution ArchitectCommented:
The knowledge consistency Checker (KCC) automatically creates connections for bridgehead servers, (as long as you do not specifically set a "Preferred Bridge Head" Server. This is a calculation based on system resources network latency/connectivity which is how the KCC makes the appropriate server in the AD Site the Bridge Head Server.

@CompDigit44 -
Will Szymkowski, how can you tell DC2 is a bridge head server??? Or am I missing this in the original question.  I am always trying to learn

Not a problem. I know that in the Page site DC2 is the Bridge head server because it is the only server in the site that has a connection made to another DC in the FLG DC.

However, after looking I also see DC10 has a connection to DC3 in the FLG site.

At first i did not see this which is how i can identify what server is the bridge head. There should only be 1 server that has a connection to another AD site as the bridge head server (the KCC can change this connection to another DC if it feels the need to Resource Load Connection etc.)

However, ndalmolin_13 need to double check those connections and possibly force a Replication Topology Check again to ensure those connections should be there.

I would also like to see the results for repadmin /bridgeheads which will actually show you which DC is acting as the bridge head server.

Aside from that what i have mentioned in my first post is correct, just an oversight on my part not noticing the DC10 also had a connection to a AD in the FLG site.

Will.
0
compdigit44Commented:
Great explanation Will Szymkowski!!!!
0
ndalmolin_13Author Commented:
Awesome explanation.  Thanks for sharing your knowledge.
0
ndalmolin_13Author Commented:
Outstanding explaination
0
Will SzymkowskiSenior Solution ArchitectCommented:
Thanks guys, glad to have helped explain this situation.

Will.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.