Friday, February 27, 2009

Using the BurFlags registry key to reinitialize File Replication Service replica sets

Overview

FRS is a multi-threaded, multi-master replication engine that Windows Server 2003 and Windows 2000 domain controllers use to replicate system policies and logon scripts for Windows Server 2003, Windows 2000, and earlier-version clients. In Microsoft Windows NT, the LanMan Replication (LMREP) service handled replication. FRS replaced LMREP in Windows 2000. You can also use FRS to replicate content between Windows 2000 servers that host the same fault-tolerant Distributed File System (DFS) roots or child node replicas.

When you deploy Windows-based domain controllers or member servers that use FRS to replicate files in SYSVOL or DFS shares, you may have to restore or reinitialize individual members of a replica set if replication has stopped or is inconsistent. In some scenarios, you may have to rebuild the whole replica set from scratch.

The FRS BurFlags registry key is used to perform authoritative or nonauthoritative restores on FRS members of DFS or SYSVOL replica sets.

Note System state backups of Windows member servers and domain controllers do not include the FRS database that maintains a mapping of files that are held in local FRS trees and a master list of FRS files. For more information about exclusions for Ntbackup.exe, click the following article number to view the article in the Microsoft Knowledge Base:
233427  (http://support.microsoft.com/kb/233427/ ) Files and folders that are not backed up when the Ntbackup.exe tool is used in Windows Server 2003, Windows XP, and Windows 2000

Restoring FRS replicas

The global BurFlags registry key contains REG_DWORD values, and is located in the following location in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
The most common values for the BurFlags registry key are:
  • D2, also known as a nonauthoritative mode restore
  • D4, also known as an authoritative mode restore
You can also perform BurFlags restores at the same time as you restore data from backup or from any other known good source, and then restart the service.

Nonauthoritative restore

Nonauthoritative restores are the most common way to reinitialize individual members of FRS replica sets that are having difficulty. These difficulties may include:
  • Assertions in the FRS service
  • Corruption of the local jet database
  • Journal wrap errors
  • FRS replication failures
Attempt nonauthoritative restores only after you discover FRS dependencies and you understand and resolve the root cause. For more information about how to discover FRS dependencies, see the "Considerations before you configure authoritative or nonauthoritative restores of FRS members" section later in this article.

Members who are nonauthoritatively restored must have inbound connections from operational upstream partners where you are performing Active Directory and FRS replication. In a large replica set that has at least one known good replica member, you can recover all the remaining replica members by using a nonauthoritative mode restore if you reinitialize the computers in direct replication partner order.

If you determine that you must complete a nonauthoritative restore to return a member back into service, save as much state from that member and from the direct replication partner in the direction that replication is not working. This permits you to review the problem later. You can obtain state information from the FRS and System logs in the Event Viewer.

Note You can configure the FRS logs to record detailed debugging entries. For more information about how to configure FRS logging, click the following article number to view the article in the Microsoft Knowledge Base:
221111  (http://support.microsoft.com/kb/221111/ ) Description of FRS entries in the registry
To perform a nonauthoritative restore, stop the FRS service, configure the BurFlags registry key, and then restart the FRS service. To do so:
  1. Click Start, and then click Run.
  2. In the Open box, type cmd and then press ENTER.
  3. In the Command box, type net stop ntfrs.
  4. Click Start, and then click Run.
  5. In the Open box, type regedit and then press ENTER.
  6. Locate the following subkey in the registry:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
  7. In the right pane, double-click BurFlags.
  8. In the Edit DWORD Value dialog box, type D2 and then click OK.
  9. Quit Registry Editor, and then switch to the Command box.
  10. In the Command box, type net start ntfrs.
  11. Quit the Command box.
When the FRS service restarts, the following actions occur:
  • The value for BurFlags registry key returns to 0.
  • Files in the reinitialized FRS folders are moved to a Pre-existing folder.
  • An event 13565 is logged to signal that a nonauthoritative restore is started.
  • The FRS database is rebuilt.
  • The member performs an initial join of the replica set from an upstream partner or from the computer that is specified in the Replica Set Parent registry key if a parent has been specified for SYSVOL replica sets.
  • The reinitialized computer runs a full replication of the affected replica sets when the relevant replication schedule begins.
  • When the process is complete, an event 13516 is logged to signal that FRS is operational. If the event is not logged, there is a problem with the FRS configuration.
Note: The placement of files in the Pre-existing folder on reinitialized members is a safeguard in FRS designed to prevent accidental data loss. Any files destined for the replica that exist only in the local Pre-existing folder and did not replicate in after the initial replication may then be copied to the appropriate folder. When outbound replication has occurred, delete files in the Pre-existing folder to free up additional drive space.

Authoritative FRS restore

Use authoritative restores only as a final option, such as in the case of directory collisions.

For example, you may require an authoritative restore if you must recover an FRS replica set where replication has completely stopped and requires a rebuild from scratch.

The following list of requirements must be met before you perform an authoritative FRS restore:
  1. The FRS service must be disabled on all downstream partners (direct and transitive) for the reinitialized replica sets before you restart the FRS service when the authoritative restore has been configured to occur.
  2. Events 13553 and 13516 have been logged in the FRS event log. These events indicate that the membership to the replica set has been established on the computer that is configured for the authoritative restore.
  3. The computer that is configured for the authoritative restore is configured to be authoritative for all the data that you want to replicate to replica set members. This is not the case if you are performing a join on an empty directory. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
    266679  (http://support.microsoft.com/kb/266679/ ) Pre-staging the File Replication service replicated files on SYSVOL and Distributed file system shares for optimal synchronization
  4. All other partners in the replica set must be reinitialized with a nonauthoritative restore.
To complete an authoritative restore, stop the FRS service, configure the BurFlags registry key, and then restart the FRS service. To do so:
  1. Click Start, and then click Run.
  2. In the Open box, type cmd and then press ENTER.
  3. In the Command box, type net stop ntfrs.
  4. Click Start, and then click Run.
  5. In the Open box, type regedit and then press ENTER.
  6. Locate the following subkey in the registry:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
  7. In the right pane, double-click BurFlags.
  8. In the Edit DWORD Value dialog box, type D4 and then click OK.
  9. Quit Registry Editor, and then switch to the Command box.
  10. In the Command box, type net start ntfrs.
  11. Quit the Command box.
When the FRS service is restarted, the following actions occur:
  • The value for the BurFlags registry key is set back to 0.
  • An event 13566 is logged to signal that an authoritative restore is started.
  • Files in the reinitialized FRS replicated directories remain unchanged and become authoritative on direct replication partners, and through transitive replication on indirect partners as well.
  • The FRS database is rebuilt based on current file inventory.
  • When the process is complete, an event 13516 is logged to signal that FRS is operational. If the event is not logged, there is a problem with the FRS configuration.

Global vs. replica set specific reinitialization

There are both global- and replica set-specific BurFlags registry keys. Setting the global BurFlags registry key reinitializes all replica sets that the member holds. Do this only when the computer holds only one replica set, or when the replica sets that it holds are relatively small.

In contrast to configuring the global BurFlags key, the replica set BurFlags key permits you to reinitialize discrete, individual replica sets, allowing healthy replica sets to be left intact.

The global BurFlags registry key is found in the following location in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

This key can contain the same values as those that are discussed earlier in this article for authoritative and nonauthoritative restores.

You can locate the replica set specific BurFlags registry key by determining the GUID for the replica set that you want to configure. To determine which GUID corresponds to which replica set and configure a restore, follow these steps:
  1. Click Start, and then click Run.
  2. In the Open box, type cmd and then press ENTER.
  3. In the Command box, type net stop ntfrs.
  4. Click Start, and then click Run.
  5. In the Open box, type regedit and then press ENTER.
  6. To determine the GUID that represents the replica set that you want to configure, follow these steps:
    1. Locate the following key in the registry:
      HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Replica Sets
    2. Below the Replica Sets subkey, there are one or more subkeys that are identified by a GUID. In the left pane, click the GUID, and then in the right pane note the Data that is listed for the Replica Set Root value. This file system path will indicate which replica set is represented by this GUID.
    3. Repeat step 6b for each GUID that is listed below the Replica Sets subkey until you locate the replica set that you want to configure. Note the GUID.
  7. Locate the following key in the registry:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Cumulative Replica Sets
  8. Below the Cumulative Replica Sets subkey, locate the GUID you noted in step 6c.
  9. In the right pane, double-click BurFlags.
  10. In the Edit DWORD Value dialog box, type D2 to complete a nonauthoritative restore or type D4 to complete an authoritative restore, and then click OK.
  11. Quit Registry Editor, and then switch to the Command box.
  12. In the Command box, type net start ntfrs.
  13. Quit the Command box.
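The replica-set-specific procedure above, and the global D2/D4 procedures in the two preceding sections, as one PowerShell script. This is an added example, not code from the KB article; it assumes an elevated session on the affected member with the root cause already resolved, and it uses the .NET registry classes rather than the HKLM: drive because the PowerShell provider reads the "/" in the "Backup/Restore" key name as a path separator.

```powershell
<#
Added example (not from the KB article): set BurFlags on this FRS member.
  -ReplicaRoot <path>  reinitialize only the replica set whose Replica Set Root
                       is <path> (per-set key under Cumulative Replica Sets\<GUID>)
  no -ReplicaRoot      use the global key, which reinitializes every replica set held here
  -Mode D2|D4          D2 = nonauthoritative (default), D4 = authoritative
  -DownstreamStopped   required with D4: you confirm FRS is stopped on all downstream partners
Assumes: run elevated on the affected member, root cause already resolved.
#>
param(
    [string]$ReplicaRoot,
    [ValidateSet('D2', 'D4')][string]$Mode = 'D2',
    [switch]$DownstreamStopped
)
$ErrorActionPreference = 'Stop'

# Requirement 1 of the authoritative restore: downstream partners must be stopped first.
if ($Mode -eq 'D4' -and -not $DownstreamStopped) {
    throw 'D4 requires FRS to be stopped on all downstream partners first; rerun with -DownstreamStopped.'
}

# Use the .NET registry API, not the HKLM: drive: the PowerShell provider treats "/"
# as a path separator, so "Backup/Restore" cannot be addressed as an HKLM: path.
$hklm   = [Microsoft.Win32.Registry]::LocalMachine
$params = 'SYSTEM\CurrentControlSet\Services\NtFrs\Parameters'

if ($ReplicaRoot) {
    # Steps 6-8: map each replica-set GUID to its Replica Set Root and pick the matching one.
    $setsKey = $hklm.OpenSubKey("$params\Replica Sets")
    if (-not $setsKey) { throw 'No FRS replica sets are configured on this computer.' }
    $guid = $null
    foreach ($name in $setsKey.GetSubKeyNames()) {
        $root = [string]$setsKey.OpenSubKey($name).GetValue('Replica Set Root')
        Write-Host ("{0}  ->  {1}" -f $name, $root)
        if ($root.TrimEnd('\') -ieq $ReplicaRoot.TrimEnd('\')) { $guid = $name }
    }
    if (-not $guid) { throw "No replica set has the root '$ReplicaRoot'." }
    $targetPath = "$params\Cumulative Replica Sets\$guid"
} else {
    Write-Warning 'No -ReplicaRoot given: the global key reinitializes ALL replica sets on this member.'
    $targetPath = "$params\Backup/Restore\Process at Startup"
}

$target = $hklm.OpenSubKey($targetPath, $true)   # $true = open writable
if (-not $target) { throw "Registry key HKLM\$targetPath does not exist." }

# Step 3: FRS must be stopped before BurFlags is changed.
Stop-Service -Name NtFrs

# Steps 8/10: D2 and D4 are hexadecimal DWORD values (0xD2 = 210, 0xD4 = 212).
$target.SetValue('BurFlags', [Convert]::ToInt32($Mode, 16), [Microsoft.Win32.RegistryValueKind]::DWord)
$target.Close()

# Steps 10/12: on restart FRS resets BurFlags to 0 and logs 13565 (D2) or 13566 (D4).
$startedAt = Get-Date
Start-Service -Name NtFrs
$wantId = if ($Mode -eq 'D2') { 13565 } else { 13566 }
$seen = $false
for ($i = 0; $i -lt 12 -and -not $seen; $i++) {    # poll for up to about one minute
    Start-Sleep -Seconds 5
    $seen = [bool](Get-EventLog -LogName 'File Replication Service' -After $startedAt |
                   Where-Object { $_.EventID -eq $wantId })
}
$after = $hklm.OpenSubKey($targetPath).GetValue('BurFlags')
Write-Host "Event $wantId logged: $seen; BurFlags is now $after (expected 0)."
Write-Host 'Watch for event 13516 (FRS operational) once the initial join completes; if it never appears, the FRS configuration is broken.'
```

Event 13516 can take as long as the initial join and full replication take, so the script only confirms the restore started and that BurFlags was cleared.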

Considerations before you configure authoritative or nonauthoritative restores of FRS members

If you configure an FRS member to complete an authoritative or nonauthoritative restore by using the BurFlags registry subkey, you do not resolve the issues that initially caused the replication problem. If you cannot determine the cause of the replication difficulties, the members will typically revert back to the problematic situation as replication continues.

A detailed breakdown on FRS interdependencies is beyond the scope of this article, but your troubleshooting should include the following actions:
  • Verify that Active Directory replication is successful. Resolve Active Directory replication issues before you perform additional FRS troubleshooting. Use the Repadmin /showreps command to verify that Active Directory replication is occurring successfully. The Repadmin.exe tool is located in the Support\Tools folder on the Windows 2000 CD-ROM.
  • Verify that inbound and outbound Active Directory replication occurs between all domain controllers that host SYSVOL replica sets and between all domain controllers that host computer accounts for servers that participate in DFS replica sets.
  • Verify that FRS member objects, subscriber objects and connection objects exist in the Active Directory for all the computers that participate in FRS replication.
  • Verify that inbound and outbound connection objects exist for all domain controllers in the domain for SYSVOL replica sets.
  • Verify that all the members of DFS replica sets have at least inbound connection objects in a topology to avoid islands of replication.
  • Review the FRS and SYSTEM event logs on direct replication partners that are having difficulty.
  • Review the FRS debug logs in the %SYSTEMROOT%\DEBUG\NTFRS_*.LOG between the direct replication partners that are having replication problems.
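The first, sixth and seventh checks in that list as a PowerShell script that gathers what you would otherwise read by hand. This is an added example, not code from the KB article; it assumes an elevated session on the troubled member (or its direct partner), repadmin.exe on the PATH, and the usual repadmin /showreps wording ("Last attempt @ <time> was successful." or "... failed, result <code>"), and it treats lines containing "error" in the FRS debug log as a rough first filter only.

```powershell
# Added example (not from the KB article): pre-checks to run before a BurFlags restore.
# Assumes an elevated session, repadmin.exe on the PATH, and the usual /showreps wording.
param([int]$HoursBack = 24)
$problems = @()

# Check 1: Active Directory replication must be healthy before any FRS work.
try {
    $showreps = & repadmin /showreps 2>&1 | ForEach-Object { [string]$_ }
    $failed   = @($showreps | Where-Object { $_ -match 'Last attempt .* failed' })
    if ($failed.Count -gt 0) {
        $problems += "AD replication: $($failed.Count) inbound link(s) failing"
        $failed | ForEach-Object { Write-Host "  $_" }
    }
} catch {
    $problems += "repadmin could not be run: $($_.Exception.Message)"
}

# Check 6: FRS event log on the partner that is having difficulty. 13565/13566 mark a
# restore start, 13516 marks FRS operational; errors and warnings point at the root cause.
$since     = (Get-Date).AddHours(-$HoursBack)
$frsEvents = @(Get-EventLog -LogName 'File Replication Service' -After $since -ErrorAction SilentlyContinue)
$bad       = @($frsEvents | Where-Object { @('Error', 'Warning') -contains $_.EntryType })
foreach ($e in ($bad | Sort-Object TimeGenerated)) {
    $firstLine = ($e.Message -split "`r?`n")[0]
    Write-Host ('{0:yyyy-MM-dd HH:mm}  {1,5}  {2}' -f $e.TimeGenerated, $e.EventID, $firstLine)
}
if ($bad.Count -gt 0) { $problems += "FRS log: $($bad.Count) error/warning event(s) in the last $HoursBack h" }
if (-not ($frsEvents | Where-Object { $_.EventID -eq 13516 })) {
    $problems += "FRS log: no event 13516 (FRS operational) in the last $HoursBack h"
}

# Check 7: the FRS debug logs the article points at, %SYSTEMROOT%\DEBUG\NTFRS_*.LOG.
$debugDir = Join-Path $env:SystemRoot 'DEBUG'
$logs = @(Get-ChildItem -Path $debugDir -Filter 'NTFRS_*.LOG' -ErrorAction SilentlyContinue | Sort-Object LastWriteTime)
if ($logs.Count -eq 0) {
    $problems += "No NTFRS_*.LOG files in $debugDir (KB 221111 describes enabling detailed FRS logging)"
} else {
    $newest = $logs[-1]
    Write-Host "Newest FRS debug log: $($newest.FullName) ($($newest.LastWriteTime))"
    # Rough first filter only: lines mentioning "error"; compare timestamps with the direct partner's log.
    Select-String -Path $newest.FullName -Pattern 'error' -SimpleMatch |
        Select-Object -Last 10 | ForEach-Object { Write-Host "  $($_.Line)" }
}

if ($problems.Count -eq 0) {
    Write-Host 'No obvious blockers found; still verify member, subscriber and connection objects before using BurFlags.'
} else {
    $problems | ForEach-Object { Write-Warning $_ }
}
```

Run it on both direct replication partners in the direction that replication is failing and compare the two reports before deciding on a D2 or D4 restore.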
For more information about how to troubleshoot, click the following article number to view the article in the Microsoft Knowledge Base:

3 WAN Protocols you should know: HDLC, PPP, and Frame-Relay

What is HDLC?

HDLC stands for High-Level Data Link Control protocol. Like the two other WAN protocols mentioned in this article, HDLC is a Layer 2 protocol (see OSI Model for more information on Layers). HDLC is a simple protocol used to connect point-to-point serial devices. For example, you have a point-to-point leased line connecting two locations in two different cities. HDLC would be the protocol with the least amount of configuration required to connect these two locations. HDLC would be running over the WAN, between the two locations. Each router would de-encapsulate HDLC and drop the traffic off on its LAN.

HDLC performs error correction, just like Ethernet. Cisco's version of HDLC is actually proprietary because they added a protocol type field. Thus, Cisco HDLC can only work with other Cisco devices.

HDLC is actually the default protocol on all Cisco serial interfaces. If you do a show running-config on a Cisco router, your serial interfaces (by default) won't have any encapsulation. This is because they are configured to the default of HDLC. If you do a show interface serial 0/0, you'll see that you are running HDLC. Here is an example:

What is PPP?

You may have heard of the Point to Point Protocol (PPP) because it is used for almost every dial-up connection to the Internet. PPP is documented in RFC 1661. PPP is based on HDLC and is very similar. Both work well to connect point-to-point leased lines.

The differences between PPP and HDLC are:

  • PPP is not proprietary when used on a Cisco router.

  • PPP has several sub-protocols that make it function.

  • PPP is feature-rich with dial-up networking features.

Because PPP has so many dial-up networking features, it has become the most popular dial up networking protocol in use today. Here are some of the dial-up networking features it offers:

  • Link quality management monitors the quality of the dial-up link and how many errors have occurred. It can bring the link down if the link is receiving too many errors.

  • Multilink can bring up multiple PPP dialup links and bond them together to function as one.

  • Authentication is supported with PAP and CHAP. These protocols take your username and password to ensure that you are allowed access to the network you are dialing in to.

To change from HDLC to PPP, on a Cisco router, use the encapsulation ppp command, like this:

After changing the encapsulation to ppp, I typed ppp ? to list the PPP options available. There are many PPP options when compared to HDLC. The list of PPP options in the screenshot is only a partial list of what is available.

What is Frame-Relay?

Frame Relay is a Layer 2 protocol and commonly known as a service from carriers. For example, people will say "I ordered a frame-relay circuit". Frame relay creates a private network through a carrier's network. This is done with permanent virtual circuits (PVC). A PVC is a connection from one site, to another site, through the carrier's network. This is really just a configuration entry that a carrier makes on their frame relay switches.

Obtaining a frame-relay circuit is done by ordering a T1 or fractional T1 from the carrier. On top of that, you order a frame-relay port, matching the size of the circuit you ordered. Finally, you order a PVC that connects your frame relay port to another of your ports inside the network.

The benefits to frame-relay are:

  • Ability to have a single circuit that connects to the "frame relay cloud" and gain access to all other sites (as long as you have PVCs). As the number of locations grows, you would save more and more money because you don't need as many circuits as you would if you were trying to fully mesh your network with point-to-point leased lines.

  • Improved disaster recovery because all you have to do is order a single circuit to the cloud and PVCs to gain access to all remote sites.

  • By using the PVCs, you can design your WAN however you want. Meaning, you define what sites have direct connections to other sites and you only pay the small monthly PVC fee for each connection.

Some other terms you should know, concerning frame relay are:

  • LMI = local management interface. LMI is the management protocol of frame relay. LMI is sent between the frame relay switches and routers to communicate what DLCIs are available and whether there is congestion in the network.

  • DLCI = data link connection identifier. This is a number used to identify each PVC in the frame relay network.

  • CIR = committed information rate. This is the amount of bandwidth you pay to guarantee you will receive on each PVC. Generally you have much less CIR than you have port speed. You can, of course, burst above your CIR up to your port speed, but that traffic is marked DE.

  • DE = discard eligible. Traffic marked DE (that was above your CIR) CAN be discarded by the frame-relay network if there is congestion.

  • FECN & BECN = forward explicit congestion notification & backward explicit congestion notification. These are bits set inside LMI packets to alert the frame-relay devices that there is congestion in the network.

3 WAN Protocols you should know: HDLC, PPP, and Frame-Relay

What is HDLC?

HDLC stands for High-Level Data Link Control. Like the other two WAN protocols in this article, HDLC is a Layer 2 protocol (see OSI Model for more information on layers). HDLC is a simple protocol used to connect point-to-point serial devices. For example, say you have a point-to-point leased line connecting two locations in two different cities. HDLC is the protocol that needs the least configuration to connect them: it runs over the WAN between the two locations, and each router de-encapsulates the HDLC frames and hands the traffic off to its LAN.

HDLC performs error detection with a frame check sequence (FCS), just like Ethernet; it does not correct errors, it simply discards damaged frames. Cisco's version of HDLC is proprietary because Cisco added a protocol type field to the frame, so Cisco HDLC only interoperates with devices that implement the Cisco variant.

HDLC is the default encapsulation on all Cisco serial interfaces. If you do a show running-config on a Cisco router, the serial interfaces won't show an encapsulation line at all, because they are using the HDLC default and only a non-default encapsulation is written to the configuration. If you do a show interface serial 0/0, you'll see that the interface is running HDLC (the output includes the line "Encapsulation HDLC").

What is PPP?

You may have heard of the Point-to-Point Protocol (PPP) because it is used for almost every dial-up connection to the Internet. PPP is documented in RFC 1661. PPP is based on HDLC and is very similar to it; both work well for connecting point-to-point leased lines.

The differences between PPP and HDLC are:

  • PPP is an open standard, so a Cisco router running PPP can talk to any vendor's equipment.

  • PPP has several sub-protocols that make it function: LCP brings up and tests the link, and an NCP such as IPCP then negotiates each Layer 3 protocol carried over it.

  • PPP is feature-rich with dial-up networking features.

Because PPP has so many dial-up networking features, it has become the most popular dial-up networking protocol in use today. Here are some of the dial-up networking features it offers:

  • Link quality management monitors the quality of the dial-up link and how many errors have occurred. It can bring the link down if the link is receiving too many errors.

  • Multilink can bring up multiple PPP dial-up links and bond them together to function as one.

  • Authentication is supported with PAP and CHAP. Both check a username and password to make sure the peer is allowed onto the network it is dialing in to, but they are not equal: PAP sends the password across the link in clear text, whereas CHAP answers a random challenge with an MD5 hash of the challenge and the shared secret, so the secret itself never crosses the link. Use CHAP wherever the peer supports it.

To change from HDLC to PPP on a Cisco router, enter the serial interface's configuration mode and use the encapsulation ppp command. Both ends of the link must use the same encapsulation, or the line protocol stays down.

After changing the encapsulation to ppp, I typed ppp ? to list the PPP options available. There are many PPP options compared to HDLC; the list of PPP options in the screenshot is only a partial list of what is available.

What is Frame-Relay?

Frame Relay is a Layer 2 protocol and commonly known as a service from carriers. For example, people will say "I ordered a frame-relay circuit". Frame relay creates a private network through a carrier's network. This is done with permanent virtual circuits (PVC). A PVC is a connection from one site, to another site, through the carrier's network. This is really just a configuration entry that a carrier makes on their frame relay switches.

Obtaining a frame-relay circuit is done by ordering a T1 or fractional T1 from the carrier. On top of that, you order a frame-relay port, matching the size of the circuit you ordered. Finally, you order a PVC that connects your frame-relay port to another of your ports inside the carrier's network.

The benefits of frame relay are:

  • A single circuit connects you to the "frame relay cloud" and gives you access to all your other sites (as long as you have PVCs to them). As the number of locations grows, you save more and more money, because you don't need as many circuits as you would to fully mesh your network with point-to-point leased lines.

  • Improved disaster recovery, because all you have to do is order a single circuit to the cloud plus PVCs to gain access to all remote sites.

  • By using PVCs, you can design your WAN however you want: you define which sites have direct connections to which other sites, and you only pay the small monthly PVC fee for each connection.

Some other terms you should know, concerning frame relay are:

  • LMI = local management interface. LMI is the management protocol of frame relay. LMI messages are exchanged between the router and the carrier's frame-relay switch (never end to end) to tell the router which DLCIs exist on the port and whether each PVC is active, inactive or deleted. A router that stops receiving LMI keepalives marks the line protocol down.

  • DLCI = data link connection identifier. This is the number that identifies each PVC on a given port. DLCIs are only locally significant, so the two ends of one PVC can use different numbers.

  • CIR = committed information rate. This is the amount of bandwidth you pay for and are guaranteed to receive on each PVC. Generally you have much less CIR than you have port speed. You can burst above your CIR up to your port speed, but that traffic is marked DE.

  • DE = discard eligible. Traffic marked DE (that was above your CIR) CAN be discarded by the frame-relay network if there is congestion.

  • FECN & BECN = forward explicit congestion notification & backward explicit congestion notification. These are bits in the address field of every frame-relay frame, not in LMI messages. A switch that experiences congestion sets FECN on frames heading toward the destination and BECN on frames heading back toward the source, so both ends learn that they should slow down.

Backup Windows Server 2003 Active Directory

To ensure your ability to actually use this backup, you must be aware of the tombstone lifetime. By default the tombstone lifetime is 60 days (for forests created with Windows 2000 or Windows Server 2003 DCs), or 180 days (for forests created with Windows Server 2003 SP1 DCs).

Note: A longer tombstone lifetime decreases the chance that a deleted object remains in the local directory of a disconnected DC beyond the time when the object is permanently deleted from online DCs. The tombstone lifetime is not changed automatically when you upgrade to Windows Server 2003 with SP1, but you can change it manually after the upgrade. New forests that are installed with Windows Server 2003 with SP1 have a default tombstone lifetime of 180 days. Read my "Changing the Tombstone Lifetime Attribute in Active Directory" article for more info on that.

Any backup older than the tombstone lifetime (60 or 180 days) is not a good backup and cannot be used to restore any DC: restoring it would reintroduce objects that the rest of the forest has already purged. You do not need to back up the System State of every DC; usually backing up the first DC in the forest plus the first DC in each domain is enough for most scenarios.

Purpose of Performing Regular Backups

You need a current, verified, and reliable backup to:

  • Restore Active Directory data that becomes lost. By using an authoritative restore process, you can restore individual objects or sets of objects (containers or directory partitions) from their deleted state. Read my "Recovering Deleted Items in Active Directory" article for more info on that.
  • Recover a DC that cannot start up or operate normally because of software failure or hardware failure.
  • Install Active Directory from backup media (using the dcpromo /adv command). Read my "Install DC from Media in Windows Server 2003" article for more info on that.
  • Perform a forest recovery if forest-wide failure occurs.

All these are reasons to have good working and reliable backups.

Note: One of the Active Directory features that was introduced in Windows Server 2003 with Service Pack 1 was the Directory Service Backup Reminders. With this reminder, a new event message, event ID 2089, provides the backup status of each directory partition that a domain controller stores. This includes application directory partitions and Active Directory Application Mode (ADAM) partitions. If halfway through the tombstone lifetime a partition has not been backed up, this event is logged in the Directory Service event log and continues daily until the partition is backed up.

Note: You can only back up the System State data on a local computer. You cannot back up the System State data on a remote computer.

Method #1: Using NTBACKUP

  1. Open NTBACKUP by either going to Run, then NTBACKUP and pressing Enter or by going to  Start -> Accessories -> System Tools.

     

  2. If you are prompted by the Backup or Restore Wizard, I suggest you un-check the "Always Start in Wizard Mode" checkbox, and click on the Advanced Mode link.

     

  3. Inside NTBACKUP's main window, click on the Backup tab.

     

  4. Click to select the System State checkbox. Note you cannot manually select components of the System State backup. It's all or nothing.

     

  5. Enter a backup path for the BKF file. If you're using a tape device, make sure NTBACKUP is aware and properly configured to use it.

     

  6. Press Start Backup.

     

  7. The Backup Job Information pops out, allowing you to configure a scheduled backup job and other settings. For the System State backup, do not change any of the other settings except the schedule, if so desired. When done, press Start Backup.

     

  8. After a few moments of configuration tasks, NTBACKUP will begin the backup job.

     

  9. When the backup is complete, review the output and close NTBACKUP.

    Next, properly label and secure the backup file or tape and, if possible, store a copy in a remote, secure location. Remember that a System State backup contains the Active Directory database (ntds.dit), and with it the password hashes of every account in the domain: anyone who can read the backup can attack those hashes offline, so protect it with the same care as the domain controller itself.

Method #2: Using the Command Prompt

You can use the command line version of NTBACKUP in order to perform backups from the Command Prompt.

For example, to create a backup job named "System State Backup Job" that backs up the System State data to the file D:\system_state_backup.bkf, type:

ntbackup backup systemstate /J "System State Backup Job" /F "D:\system_state_backup.bkf"
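As an added example that is not part of the original article, the following PowerShell script wraps the command above: it runs the System State backup to a date-stamped file and checks the newest backup against the tombstone lifetime the forest really uses, read from Active Directory, so that an outdated backup is noticed before it is needed. The folder D:\ADBackups is an assumed location (create it with an ACL limited to Administrators); everything else uses the built-in NTBACKUP and ADSI, and the script must run locally on the DC because System State cannot be backed up remotely.

```powershell
# Added example, not part of the original article.
# Runs the System State backup from the command above to a date-stamped file and
# checks the newest backup against the forest's real tombstone lifetime.
# Must run locally on the DC (System State cannot be backed up remotely).
# D:\ADBackups is an assumed folder; create it with an ACL limited to Administrators.

$backupDir = "D:\ADBackups"

function Get-TombstoneLifetime {
    # The value lives on CN=Directory Service,CN=Windows NT,CN=Services in the
    # Configuration partition. When the attribute is not set the forest uses 60 days.
    $rootDse  = [ADSI]"LDAP://RootDSE"
    $configNC = $rootDse.Get("configurationNamingContext")
    $dsObject = [ADSI]("LDAP://CN=Directory Service,CN=Windows NT,CN=Services," + $configNC)
    $value    = $dsObject.Properties["tombstoneLifetime"].Value
    if ($value) { [int]$value } else { 60 }
}

function Invoke-SystemStateBackup($dir) {
    $stamp = Get-Date -Format "yyyyMMdd-HHmm"
    $bkf   = Join-Path $dir ("systemstate-" + $env:COMPUTERNAME + "-" + $stamp + ".bkf")
    # NTBACKUP is a windowed program: start it as a process and wait for it, or the
    # script would continue before the backup has even begun. /J names the job and
    # /F the .bkf file, exactly as in the command shown above.
    $ntbArgs = 'backup systemstate /J "System State ' + $stamp + '" /F "' + $bkf + '"'
    $proc = [System.Diagnostics.Process]::Start("ntbackup.exe", $ntbArgs)
    $proc.WaitForExit()
    if (-not (Test-Path $bkf)) { throw "NTBACKUP did not produce $bkf (exit code $($proc.ExitCode))" }
    $bkf
}

function Test-SystemStateBackupAge($dir, $tombstoneLifetime) {
    # A backup older than the tombstone lifetime cannot be restored to any DC, and
    # AD itself starts logging event 2089 at the halfway point: warn at the same point.
    $newest = Get-ChildItem $dir -Filter "systemstate-*.bkf" |
              Sort-Object LastWriteTime -Descending | Select-Object -First 1
    if ($newest -eq $null) { Write-Warning "No System State backup found in $dir"; return }
    $ageDays = ((Get-Date) - $newest.LastWriteTime).Days
    if ($ageDays -ge $tombstoneLifetime) {
        Write-Warning ("{0} is {1} days old, older than the tombstone lifetime: it cannot be used" -f $newest.Name, $ageDays)
    } elseif ($ageDays -ge [int]($tombstoneLifetime / 2)) {
        Write-Warning ("{0} is {1} days old, past half the tombstone lifetime: back up now" -f $newest.Name, $ageDays)
    } else {
        Write-Host ("{0} is {1} days old: OK" -f $newest.Name, $ageDays)
    }
}

$tsl = Get-TombstoneLifetime
Write-Host "Tombstone lifetime for this forest: $tsl days"
Test-SystemStateBackupAge $backupDir $tsl            # state before this run
$file = Invoke-SystemStateBackup $backupDir
Write-Host "New System State backup written to $file"
```

Run it from an elevated PowerShell session on the DC, or schedule it with the Task Scheduler under an account that is a member of the Backup Operators or Administrators group; the halfway warning it prints matches the point at which the DC itself starts logging event 2089.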

For Microsoft's official documentation on Active Directory backups, see: Active Directory Operations Guide - Active Directory Backup and Restore


Determining FSMO Role Holders

 
Windows 2000/2003 Active Directory domains use a single-master operation model called FSMO (Flexible Single Master Operation) for the few operations that cannot safely be performed multi-master, as described in Understanding FSMO Roles in Active Directory.

The five FSMO roles are:

  • Schema master - Forest-wide and one per forest.

  • Domain naming master - Forest-wide and one per forest.

  • RID master - Domain-specific and one for each domain.

  • PDC - PDC Emulator is domain-specific and one for each domain.

  • Infrastructure master - Domain-specific and one for each domain.

In most cases an administrator can keep the FSMO role holders (all 5 of them) where the Active Directory installation process put them (usually all on the same DC). However, there are scenarios where an administrator would want to move one or more of the FSMO roles from the default holder DC to a different DC. Transferring is described in the Transferring FSMO Roles article, while seizing the roles from a non-operational DC to a different DC is described in the Seizing FSMO Roles article.

To understand your AD infrastructure and the added value that each DC carries, an AD administrator must know exactly which of the existing DCs holds a FSMO role, and which role it holds. With that knowledge, the administrator can plan around the scheduled shutdown of any given DC, and be better prepared when one of the DCs stops working unexpectedly. The role holders are also the DCs whose compromise does the most damage (the Schema master, for instance, can change the schema for the whole forest), so they deserve the tightest access control and monitoring.

How do you find out which DC holds which FSMO role? This can be done in many ways. This article lists a few of the available methods.

Method #1: Know the default settings

The FSMO roles were assigned to one or more DCs during the DCPROMO process. The following table summarizes the FSMO default locations:

FSMO Role        Number of DCs holding this role   Original DC holding the FSMO role
Schema           One per forest                    The first DC in the first domain in the forest (i.e. the Forest Root Domain)
Domain Naming    One per forest                    The first DC in the first domain in the forest (i.e. the Forest Root Domain)
RID              One per domain                    The first DC in a domain (any domain, including the Forest Root Domain, any Tree Root Domain, or any Child Domain)
PDC Emulator     One per domain                    The first DC in a domain (as above)
Infrastructure   One per domain                    The first DC in a domain (as above)

Method #2: Use the GUI

The FSMO role holders can be easily found with some of the AD snap-ins. Use this table to see which tool shows which FSMO role:

FSMO Role        Which snap-in should I use?
Schema           Active Directory Schema snap-in
Domain Naming    AD Domains and Trusts snap-in
RID              AD Users and Computers snap-in
PDC Emulator     AD Users and Computers snap-in
Infrastructure   AD Users and Computers snap-in

Finding the RID Master, PDC Emulator, and Infrastructure Masters via GUI

To find out who currently holds the Domain-Specific RID Master, PDC Emulator, and Infrastructure Master FSMO Roles:

  1. Open the Active Directory Users and Computers snap-in from the Administrative Tools folder.

  2. Right-click the Active Directory Users and Computers icon and select Operations Masters.

  3. Select the appropriate tab for the role you wish to view.

  4. When you're done click Close.

Finding the Domain Naming Master via GUI

To find out who currently holds the Domain Naming Master Role:

  1. Open the Active Directory Domains and Trusts snap-in from the Administrative Tools folder.

  2. Right-click the Active Directory Domains and Trusts icon and select Operations Master.

  3. When you're done click Close.

Finding the Schema Master via GUI

To find out who currently holds the Schema Master Role:

  1. Register the Schmmgmt.dll library by pressing Start > Run and typing:

     regsvr32 schmmgmt.dll

  2. Press OK. You should receive a success confirmation.

  3. From the Run command open an MMC console by typing MMC.

  4. On the Console menu, press Add/Remove Snap-in.

  5. Press Add. Select Active Directory Schema.

  6. Press Add and press Close. Press OK.

  7. Click the Active Directory Schema icon. After it loads, right-click it and press Operations Master.

  8. Press the Close button.

Method #3: Use the Ntdsutil command

The FSMO role holders can be easily found by use of the Ntdsutil command.

Caution: Using the Ntdsutil utility incorrectly may result in partial or complete loss of Active Directory functionality.

  1. On any domain controller, click Start, click Run, type Ntdsutil in the Open box, and then click OK.

     Microsoft Windows [Version 5.2.3790]
     (C) Copyright 1985-2003 Microsoft Corp.

     C:\WINDOWS>ntdsutil
     ntdsutil:

  2. Type roles, and then press ENTER.

     ntdsutil: roles
     fsmo maintenance:

Note: To see a list of available commands at any of the prompts in the Ntdsutil tool, type ?, and then press ENTER.

  3. Type connections, and then press ENTER.

     fsmo maintenance: connections
     server connections:

  4. Type connect to server <servername>, where <servername> is the name of the server you want to use, and then press ENTER.

     server connections: connect to server server100
     Binding to server100 ...
     Connected to server100 using credentials of locally logged on user.
     server connections:

  5. At the server connections: prompt, type q, and then press ENTER.

     server connections: q
     fsmo maintenance:

  6. At the fsmo maintenance: prompt, type Select operation target, and then press ENTER.

     fsmo maintenance: Select operation target
     select operation target:

  7. At the select operation target: prompt, type List roles for connected server, and then press ENTER.

     select operation target: List roles for connected server
     Server "server100" knows about 5 roles
     Schema - CN=NTDS Settings,CN=SERVER100,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=dpetri,DC=net
     Domain - CN=NTDS Settings,CN=SERVER100,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=dpetri,DC=net
     PDC - CN=NTDS Settings,CN=SERVER100,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=dpetri,DC=net
     RID - CN=NTDS Settings,CN=SERVER100,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=dpetri,DC=net
     Infrastructure - CN=NTDS Settings,CN=SERVER100,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=dpetri,DC=net
     select operation target:

     Each role is reported as the distinguished name of the holder's NTDS Settings object; the second component (CN=SERVER100 above) is the name of the DC that holds the role.

  8. Type q three times to exit the Ntdsutil prompt.

Note: You can download THIS nice batch file that will do all this for you (1kb).

Another Note: Microsoft has a nice tool called Dumpfsmos.cmd, found in the Windows 2000 Resource Kit (and can be downloaded here: Download Free Windows 2000 Resource Kit Tools). This tool is basically a one-click Ntdsutil script that performs the same operation described above.

Method #4: Use the Netdom command

The FSMO role holders can be easily found by use of the Netdom command.

Netdom.exe is a part of the Windows 2000/XP/2003 Support Tools. You must either download it separately (from here Download Free Windows 2000 Resource Kit Tools) or by obtaining the correct Support Tools pack for your operating system. The Support Tools pack can be found in the \Support\Tools folder on your installation CD (or you can Download Windows 2000 SP4 Support Tools, Download Windows XP SP1 Deploy Tools).

  1. On any domain controller, click Start, click Run, type CMD in the Open box, and then click OK.

  2. In the Command Prompt window, type netdom query /domain:<domain> fsmo (where <domain> is the name of YOUR domain).

     C:\WINDOWS>netdom query /domain:dpetri fsmo
     Schema owner             server100.dpetri.net
     Domain role owner        server100.dpetri.net
     PDC role                 server100.dpetri.net
     RID pool manager         server100.dpetri.net
     Infrastructure owner     server100.dpetri.net
     The command completed successfully.

  3. Close the CMD window.

Note: You can download THIS nice batch file that will do all this for you (1kb).

Method #5: Use the Replmon tool

The FSMO role holders can also be found with the Replmon tool.

Just like Netdom, Replmon.exe is part of the Windows 2000/XP/2003 Support Tools. Replmon can be used for a wide variety of tasks, mostly ones related to AD replication, but it can also provide valuable information about the AD, about any DC, and about other objects and settings, such as GPOs and FSMO roles. Install the Support Tools package before attempting to use the tool.

  1. On any domain controller, click Start, click Run, type REPLMON in the Open box, and then click OK.

  2. Right-click Monitored servers and select Add Monitored Server.

  3. In the Add Server to Monitor window, select Search the Directory for the server to add. Make sure your AD domain name is listed in the drop-down list.

  4. In the site list select your site, expand it, and click to select the server you want to query. Click Finish.

  5. Right-click the server that is now listed in the left pane, and select Properties.

  6. Click on the FSMO Roles tab and read the results.

  7. Click OK when you're done.
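As an added example that is not part of the original article, here is a sixth way that needs neither the Support Tools nor a GUI: a PowerShell script (PowerShell 2.0, which is available for Windows Server 2003) that reads the five role holders through the .NET System.DirectoryServices.ActiveDirectory classes, then asks every DC in the domain for its own copy of the fSMORoleOwner attributes and reports any DC that disagrees. The second step is the check a practitioner wants after a seizure, or when a DC has been offline for a while, because individual DCs can hold a stale view of who owns a role. The script runs as an ordinary domain user and assumes nothing beyond the current forest and domain.

```powershell
# Added example, not part of the original article.
# Method #6: read the FSMO role holders with .NET, then cross-check every DC's view.

# System.DirectoryServices is not always loaded in a fresh session.
[void][System.Reflection.Assembly]::LoadWithPartialName("System.DirectoryServices")

function Get-FsmoRoleHolders {
    # Forest-wide roles come from the Forest object, domain-wide roles from the Domain object.
    $forest = [System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()
    $domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
    $result = @{}
    $result["Schema master"]         = $forest.SchemaRoleOwner.Name
    $result["Domain naming master"]  = $forest.NamingRoleOwner.Name
    $result["PDC emulator"]          = $domain.PdcRoleOwner.Name
    $result["RID master"]            = $domain.RidRoleOwner.Name
    $result["Infrastructure master"] = $domain.InfrastructureRoleOwner.Name
    $result
}

function Get-FsmoViewFromDC($dcName) {
    # Reads the raw fSMORoleOwner attribute from the five objects that carry the
    # roles, but only from the DC given, so that DCs can be compared with each other.
    $root = [ADSI]"LDAP://$dcName/RootDSE"
    $dnc  = $root.Get("defaultNamingContext")
    $cnc  = $root.Get("configurationNamingContext")
    $snc  = $root.Get("schemaNamingContext")
    $carriers = @{
        "Schema master"         = $snc
        "Domain naming master"  = "CN=Partitions," + $cnc
        "PDC emulator"          = $dnc
        "RID master"            = 'CN=RID Manager$,CN=System,' + $dnc
        "Infrastructure master" = "CN=Infrastructure," + $dnc
    }
    $view = @{}
    foreach ($role in $carriers.Keys) {
        $owner = ([ADSI]("LDAP://$dcName/" + $carriers[$role])).Get("fSMORoleOwner")
        # fSMORoleOwner is the DN of the holder's NTDS Settings object, e.g.
        # CN=NTDS Settings,CN=SERVER100,CN=Servers,CN=Default-First-Site-Name,...
        # The second RDN is the server's name.
        $view[$role] = $owner.Split(",")[1].Replace("CN=", "")
    }
    $view
}

# 1. The answer as the DC we are talking to sees it (same data as netdom query fsmo).
$holders = Get-FsmoRoleHolders
foreach ($role in $holders.Keys) { "{0,-22} {1}" -f $role, $holders[$role] }

# 2. Does every DC in the domain agree? A disagreement usually means a seized role
#    whose old holder came back online, or a DC that has not replicated for a long time.
$domain = [System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()
foreach ($dc in $domain.DomainControllers) {
    try {
        $view = Get-FsmoViewFromDC $dc.Name
    } catch {
        Write-Warning ("{0}: could not be queried ({1})" -f $dc.Name, $_.Exception.Message)
        continue
    }
    foreach ($role in $view.Keys) {
        $expected = $holders[$role].Split(".")[0]     # compare short host names
        if ($view[$role] -ne $expected) {
            Write-Warning ("{0} believes the {1} is {2}, but it is {3}" -f $dc.Name, $role, $view[$role], $expected)
        }
    }
}
```

The first part prints the same five lines Netdom does; the second part is the one to keep in a scheduled job, because a DC that reports a different role holder than the rest of the domain is exactly the condition that leads to two DCs handing out overlapping RID pools or both acting as PDC emulator.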


Unattended Installation of Active Directory

You can automatically run DCPROMO during an unattended installation. Enter the command

dcpromo /answer:%path_to_answer_file% 

You'll see a dialog box that says DCPROMO is running in unattended mode. Then, the machine will reboot.

You can also add DCPROMO to the unattended file that's used to install your server.

The Microsoft Windows 2000 Resource Kit details the DCInstall section's parameters in the file Unattend.doc:

Value                  Explanation
AdministratorPassword  The new password for the domain Administrator account
AutoConfigDNS          Specifies whether the wizard should configure DNS
ChildName              Name of the child part of the domain
CreateOrJoin           Specifies whether the domain will join an existing forest or create a new one
DatabasePath           Location for the Active Directory database
DNSOnNetwork           Used when a new forest of domains is installed and no DNS client is configured on the computer
DomainNetBiosName      NetBIOS name for the domain
IsLastDCInDomain       Only valid when demoting an existing domain controller to a member server
LogPath                Path for the Directory Service (DS) logs
NewDomainDNSName       Name of the new tree or when a new forest is created
ParentDomainDNSName    Specifies the name of the parent domain
Password               Password for the username used to promote the server
RebootOnSuccess        Specifies whether an automatic reboot should be performed
ReplicaDomainDNSName   Name of the domain to be replicated from
ReplicaOrMember        Specifies whether a Windows NT 4.0 or 3.51 BDC being upgraded should become a replica domain controller or be demoted to a regular member server
ReplicaOrNewDomain     Specifies whether the machine is a new domain controller in a new domain or a replica of an existing domain
SiteName               Name of the site (Default-First-Site by default)
SysVolPath             Path of SYSVOL
TreeOrChild            Specifies whether the entry is a new tree or a child of an existing domain
UserDomain             Domain for the user being used in promotion
UserName               Name of the user performing the upgrade

Because the DCPROMO process occurs after setup, the created answer file must be called $winnt$.inf and copied to the \system32 folder. You need to add the following text to the GUIRunOnce section of the unattended Setup answer file:

[GUIRunOnce]
"DCpromo /answer:%systemroot%\system32\$winnt$.inf"

After the DCPROMO process completes, DCPROMO removes password information from the $winnt$.inf file. Because the RunOnce command doesn't execute until someone logs on to the computer, you can make this process easier by adding the following text to the unattended answer file:

[GUIUnattended]
Autologon = yes        ; automatically logs on the administrator account
AutoLogoncount = n     ; number of times to perform auto-admin logon

Don't use items such as %systemroot% or %windir%, because the unattended installation process doesn't understand them.

You can just create a DCInstall section directly in your unattend.txt file to avoid having multiple unattended setup files. Enter text such as the following:

[DCInstall]
AdministratorPassword = password
CreateOrJoin = Create
DomainNetBiosName = dpetri
NewDomainDNSName = dpetri.net
RebootOnSuccess = Yes
ReplicaOrNewDomain = Domain
SiteName = "Lab"
TreeOrChild = Tree

My example script would create a new forest with the domain dpetri.net at the top and the new domain controller in the site Lab. The SYSVOL, logs, and Active Directory (AD) files would be in the default locations. The new domain Administrator account password would be password.
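Because the answer file carries the Administrator password in plain text until DCPROMO scrubs it, the check below is worth running once promotion is done. This PowerShell example is added here and is not part of the article: it writes a DCInstall section from a hashtable (using the article's sample values) and then reports any password key in that section that still has a value. The temporary file path is an assumption for a dry run; the real file is the $winnt$.inf in %systemroot%\system32.

```powershell
# Added example (not part of the original article): write the DCInstall answer
# file from a hashtable and, after promotion, verify that the plaintext password
# values were really removed from it. File path and values are assumptions.
function New-DcInstallAnswerFile {
    param([string]$Path, [hashtable]$DcInstall)
    $lines = @('[DCInstall]')
    foreach ($key in $DcInstall.Keys) { $lines += ('{0} = {1}' -f $key, $DcInstall[$key]) }
    Set-Content -Path $Path -Value $lines -Encoding Ascii   # plain ASCII for the setup parser
}

function Get-AnswerFilePasswordLeaks {
    # Returns the [DCInstall] password keys that still carry a non-empty value.
    param([string]$Path)
    $secretKeys = @('AdministratorPassword', 'Password')     # the password keys from the table above
    $leaks = @()
    $inSection = $false
    foreach ($line in Get-Content -Path $Path) {
        if ($line -match '^\s*\[(.+)\]\s*$') { $inSection = ($Matches[1] -eq 'DCInstall'); continue }
        if (-not $inSection -or $line -match '^\s*;') { continue }   # other sections and comments
        if ($line -match '^\s*(\w+)\s*=\s*(.*?)\s*$') {
            if (($secretKeys -contains $Matches[1]) -and ($Matches[2] -ne '')) { $leaks += $Matches[1] }
        }
    }
    return ,$leaks
}

# Constructed values taken from the article's example.
$answer = @{
    AdministratorPassword = 'password'
    CreateOrJoin          = 'Create'
    DomainNetBiosName     = 'dpetri'
    NewDomainDNSName      = 'dpetri.net'
    RebootOnSuccess       = 'Yes'
    ReplicaOrNewDomain    = 'Domain'
    SiteName              = '"Lab"'
    TreeOrChild           = 'Tree'
}
# Sample path for a dry run; the real file is $env:SystemRoot\system32\$winnt$.inf
$file = Join-Path $env:TEMP 'winnt-sample.inf'
New-DcInstallAnswerFile -Path $file -DcInstall $answer
# Before promotion the file necessarily holds the secret, so the check names it.
Get-AnswerFilePasswordLeaks -Path $file
# After DCPROMO has finished, run the same check on the real $winnt$.inf: any key
# it returns is a password still on disk and should be blanked by hand.
Remove-Item $file
```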
