25.05.2023

How to Troubleshoot AD Replication using Repadmin Tool

Repadmin is a cmd application for diagnosing AD replication issues. Via Repadmin it is easy to view replication topology for every domain controller. And use this knowledge to manually change it and initiate replication communications between controllers. With Repadmin you can easily check replication metadata and relevance vectors (up-to-dateness (UTDVEC)).

Repadmin.exe is a built-in feature in Windows Server environment starting from 2008. It comes with AD Directory Services role and also can be setup in client OSes like Windows 10 with RSAT. In order to use Repadmin you need to have two domain controllers with configured replication between them.

Command List

 Repadmin.exe has lots of commands, lets focus on most popular ones:

How to Get General Replication Status

Let’s start from overall state of replication, run elevated cmd.exe (start->run->cmd.exe) and type in the following command:

repadmin.exe /replsummary

The output will show you any replication failures that exist in your AD environment.

How to Force Replication

Suppose you have replication failures and you need to force a replication after fixing networking connections failure. In elevated Command Prompt (cmd.exe) on any DC run:

repadmin.exe /syncall /Aped

In addition to /syncall command we have few flags that will synchronize all partitions (/A), using push notifications (/p), in enterprise mode across Active Directory sites (/e) using distinguished names instead of DNS names (/d).

How to Manage Inbound and Outbound Replication

It is possible to disable inbound and/or outbound replication with a possibility to reenable it later. To achieve that run the following commands in cmd under admin rights:

repadmin.exe /options DC01 +DISABLE_INBOUND_REPL

 Disables inbound replication on a DC01

repadmin.exe /options DC01 +DISABLE_OUTBOUND_REPL

Disables outbound replication on a DC01

repadmin.exe /options DC01 -DISABLE_INBOUND_REPL

 Enables inbound replication on a DC01

 

repadmin.exe /options DC01 -DISABLE_OUTBOUND_REPL

 Enables outbound replication on a DC01

 For example, the option to disable outbound replication is a good way to perform schema updates without the need to rebuild the entire Active Directory forest.