Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Site Replication Question

Status
Not open for further replies.
tavie

tavie

Technical User
Nov 23, 2001
79
US
I have a quick question about replication between sites....I cannot find the info on MS website....

Question: If I setup another site, I know I must set the replication interval between the sites, but what about immediate changes in AD like account lockouts ?? If I unlock account in one site does the cahnge immediately replicate to the other ?????
 
Sort by date Sort by votes
I think within the site it's about 5 minutes and to other sites it is controlled by the interval.
 
Upvote 0 Downvote
So if an account is locked out in site B and you unlock the account from site A, then the account will not be unlocked until the replication cycle has occurred which could be several hours ???? That does not make sense....Now you have to keep track as to what user and machine accounts are in what site in order to administrate them.
 
Upvote 0 Downvote
If you need to you can force a replication right away..
 
Upvote 0 Downvote
Understood....But would'nt it be easier if there was a mandatory change in AD that and automated replication process would keep at least the accounts in sync.....That is bar far the smallest object in AD......
 
Upvote 0 Downvote
Account lockouts are urgently replicated, meaning they do not follow the change notification rules.

There used to be a problem with account unlocks not being urgently replicated. The attribute that is changed (lockoutTime) would not be urgently replicated when it was set back to zero. This was fixed in SP2.

However, the big caveat is that urgent replication only works within a site. You can enable change notification replication between sites. This is the type of replication that is used within a site and enables urgent replication. But enabling change notification between sites takes away the benefits of normal intersite replication, like scheduling and compression.

The best thing to do is to force a full replication after unlocking an account.
 
Upvote 0 Downvote
As well as create an account using AD users and computers connected to a remote dc, you can also unlock the account in the same manner....That way the remote site does not have to wait for replication.
 
Upvote 0 Downvote
vbrocks....Your last post is what I thought would need to happen, the problem is I am dealing with old Mainframe operators who vaguely understand Windows. Making this a routine for them could be cumbersome....Thanks for the info.....
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

edgar28
  • Locked
  • Question
Question on Network cards - Windows Server 2019
Replies
1
Views
101
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
HyperV Virtual Switch and Physical NIC question
Replies
3
Views
90
DrB0b
DrB0b
DrB0b
  • Locked
  • Question
General Windows Server Datacenter/Standard Licensing Question
Replies
1
Views
66
DrB0b
DrB0b
Krus1972
  • Locked
  • Question
Web.Config URL Rewrite Question
Replies
0
Views
60
Krus1972
Krus1972
Shimness
  • Locked
  • Question
Hyper-V Server Build Questions
Replies
6
Views
122
technome
technome

Part and Inventory Search

Sponsor

Back
Top