Enable immediate replication between Active Directory sites

(This post was originally published by myself on my previous blog site)

What is immediate replication?

Active Directory has 3 replication models:

1. Within a site (Intrasite) the domain controllers use Change Notification to alert adjacent dc’s of changes made in AD. By default, after 15 seconds the first replication partner is notified and 3 more seconds to each subsequent replication partner.
2. Between sites (Intersite) Change Notification is not used. Replication only happens on a schedule with every 15 minutes as the shortest configurable interval.
3. Account lockout, changes to password policy, DC password changes and a few other situations trigger urgent replication which happens as quickly as the domain controllers are able and bypasses all other replication interval.

The intersite replication can however be configured to use Change Notification and this will bypass the replication schedule of the site link and replication will occur as if the domain controllers were in the same site. This does of course increase the traffic of you WAN link so make sure you have the bandwidth and latency to handle it.

How to enable immediate replication

The procedure is slightly different for automatically and manually changed sitelinks

For automatically created sitelinks:

1. Open ADSIEDIT
2. Connect to Configuration Naming Context
3. Expand Sites –> Intersite Transport –> IP
4. Right-click the relevant sitelink and select properties
5. Change the value of “options” to 1

For manually created sitelinks:

1. Open ADSIEDIT
2. Connect to Configuration Naming Context
3. Expand Sites –> (The site name) –> Servers –> (Servername) –> NTDS Settings
4. Right-click the relevant sitelink and select properties
5. Change the value of “options” to 8
6. Repeat for every manually configured sitelink (if desired)

That’s all there is to it. Changes in AD will now flow as if the domain controllers are within the same site.