Using Replication Monitor
Replication Monitor (replmon.exe) is a graphical tool, included in
Windows Support Tools, that allows you to monitor and troubleshoot
Active Directory replication. This feature is essential in monitoring
DNS data transfer for Active Directory–integrated zones.
You can use Replication Monitor to perform the following functions:
Force replication of DNS data throughout various replication scopes.
See when a replication partner fails.
Display replication topology.
Poll replication partners and generate individual histories of successful and failed replication events.
Display changes that have not yet replicated from a given replication partner.
Monitor replication status of domain controllers from multiple forests.
After you have installed Windows Support Tools, you can launch
Replication Monitor by typing replmon at a command prompt (or in the
Run dialog box) and then pressing Enter. This procedure opens the
Replication Monitor, shown in Figure 1.
Replication Monitor allows you to monitor Active Directory replication through
specific domain controllers on your network. However, no domain
controllers are included in the console tree by default. To add a domain
controller to the Replication Monitor console tree, right-click the
Monitored Servers icon and then click Add Monitored Server. Once you
have added all the servers you intend to monitor, you can save this
console configuration as an .ini file and open the file from within
Replication Monitor on subsequent uses.
Directory Partitions and Active Directory–Integrated Zones
For each server listed in
the console tree, you can display the Active Directory partitions
installed on that server by expanding the associated server icon. Domain
controllers that are DNS servers and that host a single Active
Directory–integrated zone include a replica of five such partitions by
default.
The following list describes these five partitions for an Active
Directory domain and DNS zone named contoso.com:
DC=contoso,DC=com
The domain partition, which contains objects (such as users and
computers) associated with the local domain. Each domain controller
stores a full replica of the domain partition for its local domain. In
addition, in this partition DNS data is stored for compatibility with
Microsoft Windows 2000 DNS servers. To store DNS zone data in the domain
partition, set the zone replication scope in the DNS console to All
Domain Controllers In The Domain. (This is the default setting.)
CN=Configuration,DC=contoso,DC=com
The configuration partition, which contains replication topology and
other configuration information that must be replicated throughout the
forest. Each DC in the forest has a replica of the same configuration
partition. However, this partition does not include DNS zone data.
CN=Schema,DC=contoso,DC=com
The schema partition, which contains the classSchema and
attributeSchema objects that define the types of objects that can exist
in the Active Directory forest. Every DC in the forest has a replica of
the same schema partition. However, this partition does not include DNS
zone data.
DC=DomainDnsZones,DC=contoso,DC=com
The built-in application directory partition named DomainDnsZones,
which is replicated among all Windows Server 2003 domain controllers
that are also DNS servers in a particular Active Directory domain. To
store DNS zone data in the DomainDnsZones partition, set the zone
replication scope in the DNS console to All DNS Servers In The Active
Directory Domain.
DC=ForestDnsZones,DC=contoso,DC=com
The built-in application directory partition named ForestDnsZones,
which is replicated among all Windows Server 2003 domain controllers
that are also DNS servers in an Active Directory forest. To store DNS
zone data in the ForestDnsZones partition, set the zone replication
scope in the DNS console to All DNS Servers In The Active Directory
Forest.
You can also create custom application directory partitions and enlist
the domain controllers you choose to store a replica of that partition.
In Figure 1, Replication Monitor displays such an application directory
partition, named Custom. To store DNS zone data in a custom application
directory partition, set the zone replication scope in the DNS console
to All Domain Controllers Specified In The Scope Of The Following
Application Directory Partition. Then select the desired application
directory partition from the drop-down list.
To find out
which Active Directory partition is used to store data for a particular
DNS zone, you can either check the DNS zone properties in the DNS
console or use the Dnscmd /zoneinfo command.
The Dnscmd utility might not be heavily tested on the exam, but this
command-line tool can still help you by making your job easier. For
example, instead of clicking through endless dialog boxes, you can use
Dnscmd both to determine and to change the zone replication scope. To
determine the zone replication scope for a domain named domain1.local,
simply type the following command at a command prompt:
    dnscmd /zoneinfo domain1.local
Then look for an entry named directory partition in the output. To
change zone replication scope, use the /zonechangedirectorypartition
switch followed by any of the following switches, as appropriate:
/domain (for all DNS servers in the domain), /forest (for all DNS
servers in the forest), and /legacy (for all domain controllers in the
domain). For example, to set the replication scope of a zone named
domain1.local to all DNS servers in the domain, type the following
command:
    dnscmd /zonechangedirectorypartition domain1.local /domain
If you have proper credentials, you can even perform these commands
remotely. In this case, simply specify the server name after dnscmd.
Forcing Active Directory–Integrated Zone Replication
Once you know the
directory partition in which DNS zone information is stored, you can
force replication for that zone in Replication Monitor. This procedure
can help resolve name resolution problems caused by outdated zone data.
To force Active
Directory–integrated zone replication, right-click the appropriate
partition in the Replication Monitor console tree and select Synchronize
This Partition With All Servers.
This procedure opens the
dialog box shown in Figure 2.
When forcing a
replication, you can use this dialog box to replicate only to
neighboring servers, to replicate out to all servers on the local site,
or to replicate to all servers across sites.
Searching for Replication Errors
DNS errors in
Active Directory–integrated zones can result from faulty zone
replication. You can use Replication Monitor to search the domain for
such replication errors. To do so, from the Action menu select Domain,
and then select Search Domain Controllers For Replication Errors, as
shown in Figure 3.
As an alternative, you can configure Replication
Monitor to send an e-mail to an administrator after a specified number
of replication failures. To perform this task, from the View menu select
Options. In the Active Directory Replication Monitor Options dialog
box, select the Notify When Replication Fails After This Number Of
Attempts option, and then specify the number of failures that you want
to trigger an e-mail. Finally, select the Send Mail To check box and
specify an e-mail address in the associated text box.
Tip
Replication Monitor provides a general means to monitor Active
Directory replication and spot replication errors. To perform detailed
analysis and troubleshooting of Active Directory replication, use the
Repadmin command-line utility, also included in Windows Support Tools.
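
The following PowerShell is an added example, not part of the original text. It applies the failure-threshold idea from Searching for Replication Errors to the three partitions that can hold DNS zone data, reading Repadmin's CSV output. It assumes the column layout of repadmin /showrepl * /csv and a single-domain forest; the sample rows, server names, threshold value and the Get-DnsReplicationFailure function name are constructed for illustration.

```powershell
# Added example. The rows below are constructed sample data.
# On a live system, replace the here-string with:
#   $lines = repadmin /showrepl * /csv
# Assumption: the column layout matches the repadmin version in use.
$lines = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Site1,DC1,"DC=contoso,DC=com",Site1,DC2,RPC,0,0,2024-01-10 09:15:02,0
showrepl_INFO,Site1,DC1,"DC=DomainDnsZones,DC=contoso,DC=com",Site1,DC2,RPC,4,2024-01-10 09:15:02,2024-01-09 22:01:44,1722
showrepl_INFO,Site1,DC1,"DC=ForestDnsZones,DC=contoso,DC=com",Site1,DC2,RPC,1,2024-01-10 08:00:10,2024-01-10 09:00:03,1722
showrepl_INFO,Site1,DC1,"CN=Configuration,DC=contoso,DC=com",Site1,DC2,RPC,6,2024-01-10 09:15:02,2024-01-08 03:12:40,1722
'@ -split '\r?\n'

function Get-DnsReplicationFailure {
    param(
        [string[]]$CsvLines,   # raw lines of repadmin CSV output
        [string]$DomainDn,     # e.g. DC=contoso,DC=com
        [int]$Threshold        # report at or above this many failures
    )

    # The partitions the text lists as possible stores for DNS zone data.
    # Assumption: single-domain forest, so ForestDnsZones sits under $DomainDn.
    $dnsPartitions = @(
        $DomainDn,
        "DC=DomainDnsZones,$DomainDn",
        "DC=ForestDnsZones,$DomainDn"
    )

    $CsvLines | ConvertFrom-Csv |
        Where-Object {
            # Keep data rows only, for DNS-bearing partitions (-contains is
            # case-insensitive), whose failure count reached the threshold.
            $_.showrepl_COLUMNS -eq 'showrepl_INFO' -and
            $dnsPartitions -contains $_.'Naming Context' -and
            [int]$_.'Number of Failures' -ge $Threshold
        } |
        Select-Object 'Destination DSA', 'Source DSA', 'Naming Context',
                      'Number of Failures', 'Last Success Time',
                      'Last Failure Status'
}

# Threshold of 3 is a hypothetical value, analogous to the "Notify When
# Replication Fails After This Number Of Attempts" setting.
Get-DnsReplicationFailure -CsvLines $lines -DomainDn 'DC=contoso,DC=com' -Threshold 3 |
    Format-List
```

The configuration partition row is ignored even though its failure count is highest, because that partition holds no DNS zone data; the Last Success Time column shows how stale the zone replica on the destination may be.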