Checks the health of inbound replication for the domain controller.
This monitor verifies that the domain controller is successfully replicating with all of its inbound replication partners.
If it fails replication for any of its inbound partners AD data could become inconsistent between domain controllers.
Interval (sec)
default: 300 sec (5 min)
Max Replication Latency (min)
All Naming Contexts should replicate within an hour unless specifically configured otherwise in AD. The default is 65 min to allow for minor delays. Depending on your Active Directory topology, this threshold may need to be tuned appropriately.
Max Replication Latency RootDSE (min)
The RootDSE should replicate within a few minutes as this is the NC that changes the most. Since the RootDSE replicates so often this control was added to allow for tighter replication thresholds for the RootDSE. By default the replication threshold is set to 15 minutes.
Alerts raised indicate that this domain controller has had an issue replicating with one or more of its replication partners.
If the domain controller fails replication for one or more naming contexts in AD, its data (i.e. User/computer accounts and passwords, etc) may become stale and out of date.
This alert could fire while one of the other Domain Controllers in the forest is being rebooted or having maintenance performed on it. This is mitigated by verifying that the DC responds to ping or not but we expect a few false negatives to fire from this monitor.
Log on to the Domain Controller experiencing issues and run diagnostics to help determine why replication failed. The following diagnostic commands are helpful in diagnosing replication failures:
Repadmin /ShowRepl
Repadmin /replsum
dcdiag /test:Intersite
dcdiag /test:KccEvent
dcdiag /test:ObjectsReplicated
dcdiag /test:Replications
dcdiag /test:VerifyReplicas
TechNet guide for troubleshooting Active Directory replication problems
Target | Microsoft.Windows.Server.2012.R2.AD.DomainControllerRole | ||
Parent Monitor | Microsoft.Windows.Server.2012.R2.AD.ReplicationMonitors.AggregateMonitor | ||
Category | Custom | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | MatchMonitorHealth | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.Windows.Server.2012.R2.AD.Availability.ReplicationShowReplCheck.Monitortype | ||
Remotable | False | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.Windows.Server.2012.R2.AD.Availability.ReplicationShowReplCheck.Monitor" Accessibility="Public" Enabled="true" Target="AD2012R2Core!Microsoft.Windows.Server.2012.R2.AD.DomainControllerRole" ParentMonitorID="Microsoft.Windows.Server.2012.R2.AD.ReplicationMonitors.AggregateMonitor" Remotable="false" Priority="Normal" TypeID="Microsoft.Windows.Server.2012.R2.AD.Availability.ReplicationShowReplCheck.Monitortype" ConfirmDelivery="false">
<Category>Custom</Category>
<AlertSettings AlertMessage="Microsoft.Windows.Server.2012.R2.AD.Availability.ReplicationShowReplCheck.AlertMessage">
<AlertOnState>Warning</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>MatchMonitorHealth</AlertSeverity>
<AlertParameters>
<AlertParameter1>$Data/Context/Property[@Name='ErrorString']$</AlertParameter1>
</AlertParameters>
</AlertSettings>
<OperationalStates>
<OperationalState ID="ReplicationShowReplCheckOK" MonitorTypeStateID="ReplicationShowReplCheckOK" HealthState="Success"/>
<OperationalState ID="ReplicationShowReplCheckWarn" MonitorTypeStateID="ReplicationShowReplCheckWarn" HealthState="Warning"/>
<OperationalState ID="ReplicationShowReplCheckError" MonitorTypeStateID="ReplicationShowReplCheckError" HealthState="Error"/>
</OperationalStates>
<Configuration>
<IntervalSeconds>300</IntervalSeconds>
<ReplLatencyThreshold>65</ReplLatencyThreshold>
<TimeoutSeconds>300</TimeoutSeconds>
<RootDSEReplLatencyThreshold>15</RootDSEReplLatencyThreshold>
</Configuration>
</UnitMonitor>