Thanks, Jorge. So the KCC is on at all sites. In my situation, I want to disable the KCC. A few questions: - Is the command to do so: repadmin /siteoptions branch1dc.company.com /site:branch1 +IS_INTER_SITE_AUTO_TOPOLOGY_DISABLED - Do I have to run this against each DC? - I believe I only want to disable the INTER_SITE, not the INTRA_SITE, right? - Do I think need to manually create the connection objects or can I just leave the auto generated ones in place? - Does all this change if the VPN topology allows for a fully routed network?
Thanks. -- nme P.S. I checked the questions you asked. DCs and GCs are correct; no custom site links or connections; site membership is correct. > -----Original Message----- > From: Almeida Pinto, Jorge de > [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 06, 2005 11:59 AM > To: [email protected]; [email protected] > Subject: RE: [ActiveDir] Branch Office Question > > I expected that.. in a few words hub-and-spoke topology in a > non fully routed network. For this to work you need a site > for each location and a site link between each spoke (the > bracnhes) and the hub and auto site link bridging is off > > The other thing I can think of: > * Is each DC/GC in the correct site? > * Do you have custom site link bridges? > * Do you have custom connections (auto connections are > visible as automatic connections and custom connections are > visible as GUIDs) > * Check the site membership of the site links. Is it correct > * Other site links connecting the branches somehow > * etc > > By the way. To see if the KCC/ISTG for a site has been > disabled open up the properties of the NTDS Site Settings > object of each site. If you see yellow exclamation marks at > the bottom with text explaining it, the KCC is disabled. If > you don't see anything it is enabled > > You can also check it with: > repadmin /siteoptions <DC> /site:<SITE> > > Default-First-Site-Name > Current Site Options: (none) -> means the KCC is not disabled > > > Default-First-Site-Name > Current Site Options: IS_AUTO_TOPOLOGY_DISABLED > IS_INTER_SITE_AUTO_TOPOLOGY_DISA BLED -> means the KCC is > disabled for intrasite and intersite > > Cheers > #JORGE# > > ________________________________ > > From: Noah Eiger [mailto:[EMAIL PROTECTED] > Sent: Sat 8/6/2005 6:38 PM > To: [email protected] > Subject: RE: [ActiveDir] Branch Office Question > > > Thanks, Jorge. > > The topology is as follows: > - Each office connects to the hub via a point-to-point VPN. > That is, there is no bridging at the hub -- this is a > bandwidth consideration. > - As for AD: we have three sites Hub, B1, B2, and B3. > - Each has a single DC that is also a GC. > - There are three IP site links: Hub-B1, Hub-B2, and Hub-B3. > I am not sure, but at one point there may have been a single > site link containing all sites. If there was, it is gone now. > The ISTG created a "web" topology. However, we were getting > replication errors. I manually deleted the connection objects > that connected the hubs to eachother. Those connection > objects have not regenerated. There are no manually created > connections. Finally, I recall that there is a setting (reg > edit?) that tells the ISTG to _not_ automatically create > connections. To my knowledge, this setting is not enabled. > > Anything else I should check? > > -- nme > > > ________________________________ > > From: Almeida Pinto, Jorge de > [mailto:[EMAIL PROTECTED] > Sent: Friday, August 05, 2005 6:36 PM > To: [email protected] > Subject: RE: [ActiveDir] Branch Office Question > > > May look as I silly question but can you point out > (just to be sure) how your site and replication topology > looks like? How many sites and how many site links do you > have and how are those connected? I assume one domain and > each DC = GC... > > #JORGE# > > ________________________________ > > From: [EMAIL PROTECTED] on behalf of Noah Eiger > Sent: Sat 8/6/2005 3:22 AM > To: [email protected] > Subject: RE: [ActiveDir] Branch Office Question > > > > Hi Jorge: > > Thanks for the suggestion. That checkbox was indeed > checked. I have > unchecked it and waited longer that a day. Replication > seems to have worked > and the box is unchecked at all branch sites. The > errors persist at all > branch sites. > > Any further thoughts? > > -- nme > > > -----Original Message----- > > From: Almeida Pinto, Jorge de > > [mailto:[EMAIL PROTECTED] > > Sent: Thursday, August 04, 2005 10:21 AM > > To: [email protected]; > [email protected] > > Subject: RE: [ActiveDir] Branch Office Question > > > > so, your network is not fully routed? is auto site link > > bridging enabled or disabled. If it is enabled, disable it! > > > > To to so: > > * start sites and services > > * goto to Inter site transports > > * right click IP and uncheck "bridge all sitre links" > > > > wait until this has replicated to the other DCs > > > > Cheers > > #JORGE# > > > > ________________________________ > > > > From: [EMAIL PROTECTED] on behalf of > Noah Eiger > > Sent: Thu 8/4/2005 6:41 PM > > To: [email protected] > > Subject: [ActiveDir] Branch Office Question > > > > > > Hi - > > > > Ok. Finally, one of my questions is ON topic ;-) > > > > I have three branch office sites that connect to a single > > hub. VPN connectivity, Site links, and connection objects > > only allows each branch to see the hub. Replication is > > working smoothly and consistently. Yet, I am still seeing > > repeated errors in the Event Viewers of the branches > > complaining that they cannot see one another. > > > > The options offered in the errors all seem to point to trying > > to get the branches to see one another (e.g., "publish > > sufficient site connectivity information..."). I want to tell > > it not to look for the other branches at all. > > > > Specifically, I see: > > > > Event Type: Warning > > Event Source: NTDS KCC > > Event Category: (1) > > Event ID: 1566 > > Date: 7/29/2005 > > Time: 11:45:08 AM > > User: N/A > > Computer: BRANCHDC1 > > > > Event Type: Error > > Event Source: NTDS KCC > > Event Category: (1) > > Event ID: 1311 > > Date: 7/29/2005 > > Time: 11:45:08 AM > > User: N/A > > Computer: BRANCHDC1 > > > > Thanks. > > > > -- nme > > > > > > This e-mail and any attachment is for authorised use by the > > intended recipient(s) only. It may contain proprietary > > material, confidential information and/or be subject to legal > > privilege. It should not be copied, disclosed to, retained or > > used by, any other party. If you are not an intended > > recipient then please promptly delete this e-mail and any > > attachment and all copies and inform the sender. Thank you. > > List info : http://www.activedir.org/List.aspx > > List FAQ : http://www.activedir.org/ListFAQ.aspx > > List archive: > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
