Diagnose Active Directory replication failures

This article describes how to diagnose Active Directory replication failures.

Applies to:   Windows Server 2008 R2 Service Pack 1
Original KB number:   2498185


You may notice that Active Directory fails to replicate in the following conditions:

  • Monitoring tools including Active Directory Replication Status Tool (ADREPLSTATUS) and REPADMIN expose replication failures.
  • Administrators, users, or applications detect that objects that are created and changed in Active Directory don't exist on all domain controllers (DCs) in a common replication scope.


Active Directory Domain Services (AD DS) replication has the following dependencies:

  • Network connectivity over the ports and protocols that are used by the ADDS service
  • DNS name resolution to resolve the name of a replication partner to its IP address
  • Authentication and authorization
  • Time accuracy within 5 minutes to support Kerberos authentication
  • The directory database
  • The Active Directory replication topology to build connection objects between replication partners
  • The ADDS replication engine


Use either of the following methods to view replications errors:

Use repadmin to identify forest-wide Active Directory replication errors

You can create a Microsoft Excel spreadsheet for domain controllers by using the repadmin/showrepl command to view replication errors. To do it, follow these steps:

  1. Open a Command Prompt as an administrator:

    On the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, provide Enterprise Admins credentials, and then click Continue.

  2. At the command prompt, type the following command, and then press Enter:

    repadmin /showrepl * /csv >showrepl.csv
  3. In Excel, open showrepl.csv.

  4. Format the spreadsheet as follows:

    1. Hide or delete column A and column G.
    2. Select row 1 underneath the column header row. On the View tab, click Freeze Panes, and then click Freeze Top Row.
    3. Select the whole spreadsheet. On the Data tab, click Filter.
    4. In the Last Success Time column, click the down arrow, point to Text Filters, and then click Custom Filter.
    5. Sort the table from oldest to newest.
    6. In the Source DC or Source DSA column, click the filter down arrow, point to Text Filters, and then click Custom Filter.
    7. In the Custom AutoFilter dialog box, under Show rows where, click does not contain. In the adjacent text box, type del to eliminate deleted domain controllers from the view.
    8. Repeat step 6 for the Last Failure Time column, but use the value does not equal, and then type the value 0.
  5. To fix any replication failures that appear under Last Failure Status, see How to troubleshoot common Active Directory replication errors.