Difference between revisions of "Manually Replicating Directory Partitions"

(Added introduction and section titles)
(Added admonition about replication agreements. Minor other changes.)
Line 1: Line 1:
 
= Introduction =
 
= Introduction =
  
In some situations, it is necessary to manually force a replication between two domain controllers (DC). You need to run the replication for every Active Directory (AD) partition separately.
+
In certain situations, it is necessary to manually force a replication for an Active Directory (AD) partition between two domain controllers (DC).
  
 +
{{Imbox
 +
| type = important
 +
| text = Manually forcing a replication does not create a replication agreement between DCs. For further details, see [[The Samba KCC]].
 +
}}
  
  
  
  
= Replicating Each Directory Partition Manually =
 
  
To replicate the AD partitions from the domain controller <code>DC1</code> to <code>DC2</code>, run:
+
= Manually Replicating Directory Partitions =
 +
 
 +
To manually replicate all AD partitions from domain controller <code>DC1</code> to <code>DC2</code>:
  
 
  # samba-tool drs replicate DC2 DC1 dc=samdom,dc=example,dc=com
 
  # samba-tool drs replicate DC2 DC1 dc=samdom,dc=example,dc=com
Line 26: Line 31:
 
  Replicate from DC1 to DC2 was successful.
 
  Replicate from DC1 to DC2 was successful.
  
To resynchronise all objects between two domain controllers, pass the <code>--full-sync</code> option to the command.
+
By default, the <code>samba-tool drs replicate</code> command replicates only object operations that were not ran on the destination DC. This includes:
 +
* Create new objects
 +
* Updated changed objects
 +
* Delete removed objects
 +
 
 +
To resynchronise all objects in a partition, pass the <code>--full-sync</code> option to the command.

Revision as of 20:52, 12 May 2017

Introduction

In certain situations, it is necessary to manually force a replication for an Active Directory (AD) partition between two domain controllers (DC).



Manually Replicating Directory Partitions

To manually replicate all AD partitions from domain controller DC1 to DC2:

# samba-tool drs replicate DC2 DC1 dc=samdom,dc=example,dc=com
Replicate from DC1 to DC2 was successful.

# samba-tool drs replicate DC2 DC1 DC=ForestDnsZones,DC=samdom,DC=example,DC=com
Replicate from DC1 to DC2 was successful.

# samba-tool drs replicate DC2 DC1 CN=Configuration,DC=samdom,DC=example,DC=com
Replicate from DC1 to DC2 was successful.

# samba-tool drs replicate DC2 DC1 DC=DomainDnsZones,DC=samdom,DC=example,DC=com
Replicate from DC1 to DC2 was successful.

# samba-tool drs replicate DC2 DC1 CN=Schema,CN=Configuration,DC=samdom,DC=example,DC=com
Replicate from DC1 to DC2 was successful.

By default, the samba-tool drs replicate command replicates only object operations that were not ran on the destination DC. This includes:

  • Create new objects
  • Updated changed objects
  • Delete removed objects

To resynchronise all objects in a partition, pass the --full-sync option to the command.