1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

How do I restrict NTDS Replication in Active Directory to specifiedDomain Controllers?

Discussion in 'Windows Home Server' started by Alan Truism, Jul 28, 2009.

  1. Alan Truism

    Alan Truism Guest

    How do I restrict NTDS Replication in Active Directory to specified
    Domain Controllers


    Our network is a hub and spoke configuration. All branches can route
    to the main office, however they cannot route to one another.

    How do I keep the domain controllers at the individual branches from
    trying to replicate with one another? I want them all to replicate
    with the domain controllers at the main branch (the hub) but I don't
    want them to replicate directly to the other branches.


    In AD sites and services the branch systems automatically generate
    connections to DCs at branches they can't communicate with, which
    generates errors.
     
    Alan Truism, Jul 28, 2009
    #1
  3. Meinolf Weber [MVP-DS]

    Meinolf Weber [MVP-DS] Guest

    Re: How do I restrict NTDS Replication in Active Directory to specified Domain Controllers?

    Hello Alan,

    See the reply to microsoft.public.windows.server.networking

    Best regards

    Meinolf Weber
    Disclaimer: This posting is provided "AS IS" with no warranties, and confers
    no rights.
    ** Please do NOT email, only reply to Newsgroups
    ** HELP us help YOU!!!

    <!--coloro:blue--><span style="color:blue <!--/coloro-->
    > How do I restrict NTDS Replication in Active Directory to specified
    > Domain Controllers
    >
    > Our network is a hub and spoke configuration. All branches can route
    > to the main office, however they cannot route to one another.
    >
    > How do I keep the domain controllers at the individual branches from
    > trying to replicate with one another? I want them all to replicate
    > with the domain controllers at the main branch (the hub) but I don't
    > want them to replicate directly to the other branches.
    >
    > In AD sites and services the branch systems automatically generate
    > connections to DCs at branches they can't communicate with, which
    > generates errors.
    > <!--colorc--><!--/colorc-->
     
    Meinolf Weber [MVP-DS], Jul 28, 2009
    #2
  4. Jorge de Almeida Pinto [MVP - DS

    Jorge de Almeida Pinto [MVP - DS Guest

    Re: How do I restrict NTDS Replication in Active Directory to specified Domain Controllers?

    DISABLE the option in sites and services "Bridge All Site Links" (on the
    "Sites\Inter-Site Transports\IP" node)

    --

    Cheers,
    (HOPEFULLY THIS INFORMATION HELPS YOU!)

    # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

    BLOG (WEB-BASED)-->
    BLOG (RSS-FEEDS)-->
    ------------------------------------------------------------------------------------------
    * This posting is provided "AS IS" with no warranties and confers no rights!
    * Always test ANY suggestion in a test environment before implementing!
    ------------------------------------------------------------------------------------------
    #################################################
    #################################################
    ------------------------------------------------------------------------------------------

    "Alan Truism" <alan.truism@yahoo.com> wrote in message
    news:116666ad-5fab-4eff-a2af-defbbcee71c1@g23g2000vbr.googlegroups.com...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > How do I restrict NTDS Replication in Active Directory to specified
    > Domain Controllers
    >
    >
    > Our network is a hub and spoke configuration. All branches can route
    > to the main office, however they cannot route to one another.
    >
    > How do I keep the domain controllers at the individual branches from
    > trying to replicate with one another? I want them all to replicate
    > with the domain controllers at the main branch (the hub) but I don't
    > want them to replicate directly to the other branches.
    >
    >
    > In AD sites and services the branch systems automatically generate
    > connections to DCs at branches they can't communicate with, which
    > generates errors.
    >
    > __________ Information from ESET Smart Security, version of virus
    > signature database 4507 (20091014) __________
    >
    > The message was checked by ESET Smart Security.
    >
    >
    >
    >
    > <!--colorc--><!--/colorc-->

    __________ Information from ESET Smart Security, version of virus signature database 4507 (20091014) __________

    The message was checked by ESET Smart Security.
     
    Jorge de Almeida Pinto [MVP - DS, Oct 14, 2009
    #3
  5. Jorge de Almeida Pinto [MVP - DS

    Jorge de Almeida Pinto [MVP - DS Guest

    Re: How do I restrict NTDS Replication in Active Directory to specified Domain Controllers?

    by the way...

    I do assume only links exist between branch sites and the hub site

    --

    Cheers,
    (HOPEFULLY THIS INFORMATION HELPS YOU!)

    # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

    BLOG (WEB-BASED)-->
    BLOG (RSS-FEEDS)-->
    ------------------------------------------------------------------------------------------
    * This posting is provided "AS IS" with no warranties and confers no rights!
    * Always test ANY suggestion in a test environment before implementing!
    ------------------------------------------------------------------------------------------
    #################################################
    #################################################
    ------------------------------------------------------------------------------------------

    "Jorge de Almeida Pinto [MVP - DS]"
    <SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote in message
    news:O2CmFOPTKHA.4000@TK2MSFTNGP05.phx.gbl...<!--coloro:blue--><span style="color:blue <!--/coloro-->
    > DISABLE the option in sites and services "Bridge All Site Links" (on the
    > "SitesInter-Site TransportsIP" node)
    >
    > --
    >
    > Cheers,
    > (HOPEFULLY THIS INFORMATION HELPS YOU!)
    >
    > # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #
    >
    > BLOG (WEB-BASED)-->
    > BLOG (RSS-FEEDS)-->
    > ------------------------------------------------------------------------------------------
    > * This posting is provided "AS IS" with no warranties and confers no
    > rights!
    > * Always test ANY suggestion in a test environment before implementing!
    > ------------------------------------------------------------------------------------------
    > #################################################
    > #################################################
    > ------------------------------------------------------------------------------------------
    >
    > "Alan Truism" <alan.truism@yahoo.com> wrote in message
    > news:116666ad-5fab-4eff-a2af-defbbcee71c1@g23g2000vbr.googlegroups.com...<!--coloro:green--><span style="color:green <!--/coloro-->
    >> How do I restrict NTDS Replication in Active Directory to specified
    >> Domain Controllers
    >>
    >>
    >> Our network is a hub and spoke configuration. All branches can route
    >> to the main office, however they cannot route to one another.
    >>
    >> How do I keep the domain controllers at the individual branches from
    >> trying to replicate with one another? I want them all to replicate
    >> with the domain controllers at the main branch (the hub) but I don't
    >> want them to replicate directly to the other branches.
    >>
    >>
    >> In AD sites and services the branch systems automatically generate
    >> connections to DCs at branches they can't communicate with, which
    >> generates errors.
    >>
    >> __________ Information from ESET Smart Security, version of virus
    >> signature database 4507 (20091014) __________
    >>
    >> The message was checked by ESET Smart Security.
    >>
    >>
    >>
    >>
    >><!--colorc--><!--/colorc-->
    >
    > __________ Information from ESET Smart Security, version of virus
    > signature database 4507 (20091014) __________
    >
    > The message was checked by ESET Smart Security.
    >
    >
    >
    >
    > <!--colorc--><!--/colorc-->

    __________ Information from ESET Smart Security, version of virus signature database 4507 (20091014) __________

    The message was checked by ESET Smart Security.
     
    Jorge de Almeida Pinto [MVP - DS, Oct 14, 2009
    #4

Share This Page