Force Replication Between Two Domain Controllers in Active Directory
When you cannot wait for the update
Imagine having only one door to your home. No windows, no patio door, just one door. What happens if you can’t open that door? The house, and everything in it, is useless to you.
A domain controller is like a door, in a sense. One with a bouncer at it. It’s the gateway to get inside to the things you want. Active Directory (AD) is the bouncer at the door. It checks your credentials, determines if you are allowed to go through the door, and what resources you can access once inside.
If you’re running a network of any kind and only have one domain controller, you’re living in a house with one door. If something happens to that domain controller, your whole system of servers falls apart. Always have more than one domain controller (DC).
But how do you make sure that both domain controllers have the same information? Let’s say you made a security-related change on one DC. You want to make sure that change is replicated on your other DCs immediately. Why wait 15 minutes or more for it to happen by schedule? You need to force replication of the domain controllers in Active Directory.
There are 3 ways to approach this; through the graphical user interface (GUI), through the command-line interface (CLI), or via PowerShell.
Force Replication Of Domain Controller Through GUI
Windows servers make use of GUIs a lot, which is good for novice Systems Administrators. It’s easier to learn and sometimes helps you visualize what’s really happening.
Force Replication of Domain Controllers Through CLI Command
If you’re familiar with the good old Windows CMD, then therepadmincommand is for you. This is the quickest one-off way to force DC duplication. If you’re not familiar then this is a good time tolearn about Windows CMD.
Force Domain Controller Replication With PowerShell
If you’re not using PowerShell in your daily life, you’re missing out. You really owe it to yourself tolearn PowerShell. It will make your life easier, and if you’re a Junior Systems Administrator it will massively help take your career to the next step.
These steps can be done in the ordinary PowerShell CLI, but we’ve done it in the PowerShell ISE to better show the commands and their results. We’re going to build a script that you can save or even turn into a cmdlet that you can call from the PowerShell command line.
See how it returns the names of the DCs? Now you can pipe that result into the next cmdlet. A pipe is the vertical line character (|), that’s usually found on the keyboard just above theEnterkey.
The command should look like it does in the image below. Run it. It should return a message just like the one back in the Force Domain Controller Replication Through GUI section above. If it ends with, “SyncAll terminated with no errors.” then it worked.
Did you see how it also uses therepadmincommand?
The result should resemble the image below. You’ll see at the bottom the exact date and time the replication last took place.
Keep’em Replicated
Now you know 3 ways to force replication of domain controllers in AD. You’ve also put together a reusable PowerShell script that you can call from the PowerShell command-line whenever you want. There’s no excuse for your latest DC changes to sit and wait for the next scheduled replication, whenever that may be.
Guy has been published online and in print newspapers, nominated for writing awards, and cited in scholarly papers due to his ability to speak tech to anyone, but still prefers analog watches.Read Guy’s Full Bio
Welcome to Help Desk Geek- a blog full of tech tips from trusted tech experts. We have thousands of articles and guides to help you troubleshoot any issue. Our articles have been read over 150 million times since we launched in 2008.
HomeAbout UsEditorial StandardsContact UsTerms of Use
Copyright © 2008-2024 Help Desk Geek.com, LLC All Rights Reserved
