Have you ever made a change to Group Policy or an Active Directory User account, then you test your change, only to discover it isn't working? This annoyance can be caused by replication delays between your domain controllers.
 |
| The only time I've used the actual Visio symbol for an AD site. |
Here's my script to force replication between all domain controllers.
Write-Host "Beginning replication"
# Get domain controller list,
# do a foreach-object to replicate
Get-ADDomainController -filter * | % {
Write-Host "Replicating $($_.Name)"
# KCC recalculation
$null = repadmin /kcc $_.Name
# Replicatiion
$null = repadmin /syncall /A /e $_.Name
}
Write-Host "Completed replication"
Now look, dude: Always review scripts for errors and test them in a non production environment. This script works well on the smaller networks I typically work on--less than 5 sites with 2 domain controllers per site, and less than 200 users might be typical. With large or busy Active Directory installations it may not be desirable to force a replication during production hours.
Regarding AD replication. Learn this before you screw around with replication settings:
Active Directory Replication Model Technical Reference
follow me on Twitter @willniccolls
No comments:
Post a Comment