Force Replication of Active Directory with PowerShell and Repadmin.exe
Written on February 11, 2011

Perhaps you’re creating a user for immediate use in another site. Perhaps you’ve updated a group membership and accidentally used a DC in the wrong site. Maybe you’re just lazy? One of the most fun (read: boring) parts of Active Directory cross-site administration is replication. Opening up Active Directory Sites & Services and mindlessly clicking Replicate Now gets painful, and raises the question, “How can I do this faster?” Along came Polly… that is, if by Polly you mean repadmin.exe.

Repadmin is the hidden treasure of AD-DS replication. It lets you replicate a connection by executing two simple commands:

repadmin /kcc MEL-DC01 MEL-DC02 SYD-DC01
repadmin /syncall /A /e MEL-DC01

This is easy enough, but when you have more than three or four Active Directory domain controllers it, again, feels slow. Along came PowerShell. In the script below I use Quest’s ActiveRoles Active Directory Management Snap-in to find all domain controllers in the current domain and then replicate the connections to/from them all.

Once we have a list of DCs, we can loop through each one, recalculate the replication topology, and then replicate the connections. This performs the same task as clicking Replicate Now in dssite.msc.

Replicate-ADDS.ps1

# Transcribe output to a log file named after this script, in the current directory
$null = Start-Transcript "$pwd\$([System.IO.Path]::GetFileNameWithoutExtension($MyInvocation.MyCommand.Definition)).log"
# Check the QAD snap-in is loaded in this session
if ( $null -eq (Get-PSSnapin -Name Quest.ActiveRoles.ADManagement -ErrorAction SilentlyContinue) ) {
    # The QAD snap-in is not active. Check it's installed
    if ( $null -eq (Get-PSSnapin -Name Quest.ActiveRoles.ADManagement -Registered -ErrorAction SilentlyContinue) ) {
        Write-Error "You must install Quest ActiveRoles AD Tools to use this script!"
        # Nothing below can work without the snap-in, so close the log and stop here
        Stop-Transcript
        exit 1
    } else {
        Write-Host "Importing QAD Tools"
        Add-PSSnapin -Name Quest.ActiveRoles.ADManagement -ErrorAction Stop
    }
}
Write-Host "Beginning ADDS Replication"
Write-Host "=========================="
# Find each domain controller, then process them one at a time
Get-QADComputer -ComputerRole 'DomainController' | ForEach-Object {
    Write-Host "Replicating $($_.Name)"
    # Recalculate topology for this server
    $null = repadmin /kcc $_.Name
    # Replicate it: /A = all naming contexts, /e = enterprise (across sites)
    # Note: repadmin's output is discarded here, so errors do not reach the transcript
    $null = repadmin /syncall /A /e $_.Name
}
Write-Host "=========================="
Write-Host "Completed ADDS Replication"
Stop-Transcript
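
Because the script above throws away repadmin's output, a follow-up check is useful. The block below is an added example, not part of the original script: it filters `repadmin /showrepl * /csv` output for links that still report failures. The sample rows, the `example.local` domain and the function and parameter names are constructed for illustration.

```powershell
# Added example. Live input would come from:  repadmin /showrepl * /csv
# The rows below are CONSTRUCTED sample data laid out under repadmin's /csv header.
$sampleCsv = @'
showrepl_COLUMNS,Destination DSA Site,Destination DSA,Naming Context,Source DSA Site,Source DSA,Transport Type,Number of Failures,Last Failure Time,Last Success Time,Last Failure Status
showrepl_INFO,Melbourne,MEL-DC01,"DC=example,DC=local",Melbourne,MEL-DC02,RPC,0,0,2011-02-11 10:15:03,0
showrepl_INFO,Melbourne,MEL-DC01,"DC=example,DC=local",Sydney,SYD-DC01,RPC,4,2011-02-11 10:15:09,2011-02-10 22:01:44,1722
showrepl_INFO,Sydney,SYD-DC01,"CN=Configuration,DC=example,DC=local",Melbourne,MEL-DC01,RPC,0,0,2011-02-11 10:15:05,0
'@

# Hypothetical helper: returns one object per replication link that needs attention.
function Get-ReplicationFailure {
    param(
        [Parameter(Mandatory = $true)]
        [string[]] $CsvLine
    )
    $CsvLine | ConvertFrom-Csv | Where-Object {
        # ConvertFrom-Csv yields strings, so convert before comparing numerically.
        # Rows not tagged showrepl_INFO are surfaced too rather than silently dropped
        # (assumption: repadmin tags rows it could not query with a different value).
        (($_.'Number of Failures' -as [int]) -gt 0) -or
        ($_.showrepl_COLUMNS -ne 'showrepl_INFO')
    } | Select-Object @{ n = 'Destination'; e = { $_.'Destination DSA' } },
                      @{ n = 'Source';      e = { $_.'Source DSA' } },
                      @{ n = 'Partition';   e = { $_.'Naming Context' } },
                      @{ n = 'Failures';    e = { $_.'Number of Failures' -as [int] } },
                      @{ n = 'LastSuccess'; e = { $_.'Last Success Time' } },
                      @{ n = 'Status';      e = { $_.'Last Failure Status' } }
}

# Run against the constructed sample; swap in (repadmin /showrepl * /csv) for live data
$failed = @(Get-ReplicationFailure -CsvLine ($sampleCsv -split "`r?`n"))
if ($failed.Count -gt 0) {
    $failed | Format-Table -AutoSize
    Write-Warning "$($failed.Count) replication link(s) still report failures"
} else {
    Write-Host "All replication links report zero failures"
}
```

With the constructed sample, only the SYD-DC01 to MEL-DC01 link is reported, with four failures and status 1722.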
