RepAdmin SyncAll

How to use RepAdmin SyncAll to synchronize all domain controllers

In many situations, you want to force replication of your Active Directory:

  • You’ve added a new mail alias (proxyAddress) to a user and need it to be visible in Office 365
    • The change must replicate to the DC your Azure AD Connect server is using as a replication partner
  • You’ve updated a user’s group membership
    • The change must replicate to the domain controller authenticating your user’s next login
  • You’ve made a GPO change
    • The change must replicate to the domain controller authenticating your computers next reboot

In all these scenarios, a fast replication of your domain controllers is needed so that the effect can take place immediately.

In some cases, you may know on which domain controller the change was made and to which domain controller the change needs to replicate. But in most cases, you want to replicate all of them.

To ensure complete domain controller replication, the fastest solution is to use the RepAdmin command.

The RepAdmin command is part of the AD DS Tools that are available via RSAT. So if you’re working from a domain controller, the AD DS Tools are already installed.

Execute the following two commands for every domain controller you have:

RepAdmin /SyncAll /e [dc name]
RepAdmin /SyncAll /e /P [dc name]

The commands use the following three switches:

  • /SyncAll will ensure that all replication partner connections are included
  • /e will include cross-site replication
  • /P will perform push replication (instead of the default “push”)

After running these two commands for all domain controllers, the recent change will soon be visible throughout your environment.

Make sure to run the RepAdmin with domain admin credentials; otherwise you’ll see the following error message:

SyncAll reported the following errors:
Error issuing replication: 8453 (0x2105):
    Replication access was denied.
    From: 15acd82d-3716-42dd-aa27-7715d3ca47b5._msdcs.gigacorp.local
    To  : 0d62e2de-ad35-449b-878c-608406abc44d._msdcs.gigacorp.local


Replicating domain controllers is quite easy with the RepAdmin command. But the more efficient solution is definitely to make changes directly on the domain controller where you need the changes.

If, e.g., you want your user configuration changes to replicate immediately to Office 365, make sure that the AD Users & Computers tool is connected to the domain controller that Azure AD Connect is replicating from.

In that case, you can immediately synchronize Azure AD Connect after making the changes (with no need for prior AD replication).

With Easy365Manager, you can even replicate Azure AD Connect directly from user properties in the AD Users & Computers tool:

one-click synchronization of azure ad conncect

Speed up your AD/Office 365 admin life now by downloading the fully functional 30-day trial.

Easy365Manager allows you to manage email attributes, Office 365 mailboxes, and Office 365 licenses directly from AD Users & Computers.

Check out the awesome feature list.

Stop the endless switching between AD Users & Computers, the Microsoft 365 Admin Center, the Exchange Online Admin Center and the Azure Portal.

With Easy365Manager you can perform all daily Office 365 management from AD Users & Computers.

And remove your on-premises Exchange Server as an added bonus.