Recipe 17.3 Adding or Removing a Replica Server for an Application Partition

17.3.1 Problem

You want to add or remove a replica server for an application partition. After you've created an application partition, you should make at least one other server a replica server in case the first server fails.

17.3.2 Solution

17.3.2.1 Using a command-line interface

Use the following command to add a replica server for an application partition:

> ntdsutil "dom man" conn "co to se <DomainControllerName>" q "add nc replica[RETURN]
<AppPartitionDN> <DomainControllerName>" q q

Use the following command to remove a replica server for an application partition:

> ntdsutil "dom man" conn "co to se <DomainControllerName>" q "remove nc replica[RETURN]
<AppPartitionDN> <DomainControllerName>" q q

17.3.2.2 Using VBScript

' This code adds or removes a replica server for the
' specified application partition
' ------ SCRIPT CONFIGURATION ------
strAppPart = "<AppPartitionFQDN>" ' DNS name of the application partition

' Hostname of server to add as replica for app partition. 
' This needs to match the common name for the DC's server object.
strServer  = "<DomainControllerName>"  ' e.g. dc01

' Set to True to add server as new replica or False to remove
boolAdd    = True  
' ------ END CONFIGURATION ---------

' Constants taken from ADS_PROPERTY_OPERATION_ENUM
const ADS_PROPERTY_APPEND = 3
const ADS_PROPERTY_DELETE = 4

set objRootDSE = GetObject("LDAP://RootDSE")

' ----------------------------------------------------------
' First find the NTDS Settings object for the server
' ----------------------------------------------------------
strBase    = "<LDAP://cn=Sites," & _        
             objRootDSE.Get("ConfigurationNamingContext") & ">;"
strFilter  = "(&(objectcategory=server)(cn=" & strServer & "));" 
strAttrs   = "cn,distinguishedName;"
strScope   = "subtree"
set objConn = CreateObject("ADODB.Connection")
objConn.Provider = "ADsDSOObject"
objConn.Open "Active Directory Provider"
set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
if objRS.RecordCount <> 1 then
   WScript.Echo "Did not find a match for server " & strServer
   WScript.Quit
else
   objRS.MoveLast
   strServerDN = "cn=NTDS Settings," & _
                 objRS.Fields("distinguishedName").Value
   ' Make sure the NTDS Settings object actually exists
   set objNTDSDSA = GetObject("LDAP://" & strServerDN)
   Wscript.Echo "Found server: "
   WScript.Echo strServerDN
   Wscript.Echo
end if

' ------------------------------------------------------------------
' Now need to find the crossRef object for the application partition
' ------------------------------------------------------------------
strBase = "<LDAP://cn=Partitions," & _
          objRootDSE.Get("ConfigurationNamingContext") & ">;"
strFilter  = "(&(objectcategory=crossRef)" & _
             "(dnsRoot=" & strAppPart & "));" 
strAttrs   = "cn,distinguishedName;"
strScope   = "onelevel"
set objRS = objConn.Execute(strBase & strFilter & strAttrs & strScope)
if objRS.RecordCount <> 1 then
   WScript.Echo "Did not find a match for application partition " & _
                strAppPart
   WScript.Quit
else
   objRS.MoveLast
   set objAppPart = GetObject("LDAP://" & _
                    objRS.Fields("distinguishedName").Value )
   Wscript.Echo "Found app partition: "
   WScript.Echo objRS.Fields("distinguishedName").Value
   WScript.Echo
end if

' -----------------------------------------------
' Lastly, either add or remove the replica server
' -----------------------------------------------
if boolAdd = TRUE then
   objAppPart.PutEx ADS_PROPERTY_APPEND, "msDS-NC-Replica-Locations", _
                    Array(strServerDN)
   objAppPart.SetInfo
   WScript.Echo "Added server to replica set"
else
   objAppPart.PutEx ADS_PROPERTY_DELETE, "msDS-NC-Replica-Locations", _
                    Array(strServerDN)
   objAppPart.SetInfo
   WScript.Echo "Removed server from replica set"
end if

17.3.3 Discussion

When you initially create an application partition, only one domain controller hosts it: the one on which you created the partition. You can add any other domain controller in the forest as a replica server, assuming the domain controller is running Windows Server 2003.

The list of replica servers is stored in the msDS-NC-Replica-Locations attribute on the crossRef object for the application partition in the Partitions container. That attribute contains the distinguished name of each replica server's nTDSDSA object. To add a replica server, add the DN of the new replica server's nTDSDSA object to the attribute. To remove a replica server, remove the DN corresponding to the server you want to remove.

Behind the scenes, the Knowledge Consistency Checker (KCC) is triggered any time that attribute changes, and it either causes the application partition to be replicated to the target domain controller or removes it from the target domain controller. When a domain controller is demoted, it automatically removes itself as a replica server for any application partitions it replicated.
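The attribute change described above can also be made so that it reads the current replica list first and only writes when something would actually change. The following is an added example, not code from the book: it assumes the ActiveDirectory PowerShell module (which is newer than the Windows Server 2003 tools this recipe uses), and the function name Set-AppPartitionReplica and the sample values are hypothetical.

```powershell
# Added example (not from the book); assumes the ActiveDirectory RSAT module.
Import-Module ActiveDirectory

function Set-AppPartitionReplica {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # DNS name of the partition; restricted to hostname characters so it
        # cannot alter the LDAP filter it is placed into below
        [Parameter(Mandatory)] [ValidatePattern('^[A-Za-z0-9.-]+$')]
        [string] $AppPartitionDnsName,
        [Parameter(Mandatory)] [string] $DomainController,   # e.g. dc01
        [switch] $Remove
    )
    $attr = 'msDS-NC-Replica-Locations'

    # The attribute stores the DN of each replica's nTDSDSA (NTDS Settings) object
    $ntdsDn = (Get-ADDomainController -Identity $DomainController -ErrorAction Stop).NTDSSettingsObjectDN

    # The crossRef sits one level below cn=Partitions in the configuration NC
    $base = 'CN=Partitions,' + (Get-ADRootDSE).configurationNamingContext
    $found = @(Get-ADObject -SearchBase $base -SearchScope OneLevel -Properties $attr `
        -LDAPFilter "(&(objectCategory=crossRef)(dnsRoot=$AppPartitionDnsName))")
    if ($found.Count -ne 1) {
        throw "Expected one crossRef for $AppPartitionDnsName, found $($found.Count)"
    }
    $crossRef = $found[0]
    $current  = @($crossRef.$attr | Where-Object { $_ })
    $present  = $current -contains $ntdsDn

    if ($Remove -and $present) {
        # Precaution added in this example: keep at least one listed replica
        if ($current.Count -le 1) { throw "Refusing to remove the only listed replica" }
        if ($PSCmdlet.ShouldProcess($crossRef.DistinguishedName, "remove $ntdsDn")) {
            Set-ADObject -Identity $crossRef -Remove @{ $attr = $ntdsDn }
        }
    } elseif (-not $Remove -and -not $present) {
        if ($PSCmdlet.ShouldProcess($crossRef.DistinguishedName, "add $ntdsDn")) {
            Set-ADObject -Identity $crossRef -Add @{ $attr = $ntdsDn }
        }
    }
    # Re-read so the caller sees what the directory now holds
    (Get-ADObject -Identity $crossRef -Properties $attr).$attr
}

# Constructed sample values; preview with -WhatIf before committing
Set-AppPartitionReplica -AppPartitionDnsName 'apps.example.com' -DomainController 'dc01' -WhatIf
```

The function returns the replica list as re-read from the crossRef, which gives a record of the attribute's state after each run.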

17.3.4 See Also

Recipe 17.4 for finding the replica servers for an application partition and MS KB 322669 (HOW TO: Manage the Application Directory Partition and Replicas in Windows Server 2003)


