How can I verify AD replication between two DCs works
We have a domain with 3 DCs in different networks and we want to decomission one of them.
However, I suspect that the two remaining DCs will not replicate properly between each other due to some network misconfiguration. So I want to ensure that, after I switch off the obsolete DC, the two remaining ones will replicate flawlessly between each other.
I can ping between the two DCs without any problems, but I suspect replication might be a different story.
When I issue repadmin /showrepl dc1, it will only show the status of the previous replications with the DC I want to remove. The safe DC is not listed.
Solution 1:
Have you tried DCDIAG? It has lots of tests including Checks for timely replication and any replication errors between domain controllers
Here is a link to Dcdiag information:
https://technet.microsoft.com/en-us/library/cc731968(v=ws.11).aspx
Solution 2:
To ensure two DCs replicate with each other, you can follow the guide Forcing Replication.
You first want to ensure that both clean DCs replicate with each other.
- Open Active Directory Sites and Services, navigate to your first DC and open the NTDS Settings.
-
You will probably see a connection to the old DC. Add a new connection for the new DC. Now force replication with your other DC.
Repeat the process for the other DC.
-
Now inspect replication results for your DCs:
repadmin /showrepl dc1
Solution 3:
You can also use the graphical utility MS has and checks all AD Forest for replication issues.
https://www.microsoft.com/en-us/download/details.aspx?id=30005
Thank you