Preparing an Existing Domain Controller for Shipping and Long-Term Disconnection

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

When you ship a domain controller to a remote site, you must disconnect it from the network and, consequently, from the replication topology. If a domain controller must be separated from the replication topology for a period of time that might be longer than a tombstone lifetime, you must take preliminary steps to ensure a smooth reconnection. Otherwise, a long-term disconnection can result in a deleted object being reintroduced into the directory. Such deleted objects, when they are retained on a domain controller that has been disconnected for a period that is longer than a tombstone lifetime, are called "lingering objects." Lingering objects that are security principals, such as users or groups, can cause problems with Active Directory searches and e-mail delivery. Lingering objects can also jeopardize security if a user is allowed access to a resource by virtue of membership in a group that has been deleted. For more information about lingering objects, see "Maintaining Directory Consistency When Disconnecting a Domain Controller" in Known Issues for Adding Domain Controllers in Remote Sites.

By taking preliminary precautions, you can ensure that long-term disconnections do not result in directory inconsistency from lingering objects.

To complete this task, perform the following procedures:

  1. Determine the anticipated length of the disconnection.

  2. Determine the tombstone lifetime for the forest.

  3. Determine the maximum safe disconnection period by subtracting a generous estimate of the end-to-end replication latency from the tombstone lifetime. Either find the latency estimate in the design documentation for your deployment or request the information from a member of your design or deployment team.

    • If the anticipated time of disconnection exceeds the maximum safe disconnection period, decide whether to extend the tombstone lifetime. To change the tombstone lifetime, follow the procedure in Determine the tombstone lifetime for the forest and change the value of the tombstoneLifetime attribute.

    • If the estimated time of disconnection does not exceed the maximum safe disconnection period, proceed with disconnection.

  4. View the current operations master role holders to determine whether the domain controller is an operations master role holder.

  5. Transfer the domain-level operations master roles, if appropriate.

  6. Transfer the schema master, if appropriate.

  7. Transfer the domain naming master, if appropriate.

  8. Prepare a domain controller for nonauthoritative SYSVOL restart on the domain controller that you are disconnecting. This process prevents the domain controller from having to reconcile and process deletions and modifications that took place from the time of the last SYSVOL update to the time the domain controller is restarted in the new site, and improves synchronization time.

  9. Enable strict replication consistency on the domain controller that you are disconnecting. You can also use this command-line procedure to enable strict replication consistency on other domain controllers or on all domain controllers in the forest.

  10. Synchronize replication with all partners. Update the domain controller with the latest changes just before you disconnect it.

  11. Verify successful replication to a domain controller for the domain controller that you are disconnecting.

  12. Label the domain controller with the date and time of disconnection and the maximum safe disconnection period.
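The calculation in steps 2, 3 and 12, together with the registry value behind step 9, as an added PowerShell example that is not part of this article. It assumes a domain-joined machine with read access to the Configuration partition; the day figures are constructed placeholders, and the strict-consistency switch writes to the local domain controller only.

```powershell
# Added example, not from the original article: computes the maximum safe
# disconnection period (steps 2 and 3), optionally enables strict replication
# consistency on the local DC (step 9) and prints the label text (step 12).
# Assumption: runs domain-joined with read access to the Configuration partition.
param(
    [int]$AnticipatedDays = 45,          # assumption: planned time off the network
    [int]$ReplicationLatencyDays = 7,    # assumption: generous end-to-end latency
    [switch]$EnableStrictConsistency
)

function Get-TombstoneLifetimeDays {
    # tombstoneLifetime lives on the Directory Service object in the
    # Configuration partition. When the attribute is absent the forest uses
    # the built-in default of 60 days.
    $rootDse  = [ADSI]"LDAP://RootDSE"
    $configNc = $rootDse.Properties["configurationNamingContext"].Value
    $dsObject = [ADSI]"LDAP://CN=Directory Service,CN=Windows NT,CN=Services,$configNc"
    $value    = $dsObject.Properties["tombstoneLifetime"].Value
    if ($null -eq $value) { return 60 }
    return [int]$value
}

function Get-MaxSafeDisconnectionDays([int]$TombstoneDays, [int]$LatencyDays) {
    # Step 3: subtract the latency estimate so the last replicated deletion
    # still has time to reach every partner before its tombstone expires.
    return $TombstoneDays - $LatencyDays
}

$tombstoneDays = Get-TombstoneLifetimeDays
$maxSafeDays   = Get-MaxSafeDisconnectionDays $tombstoneDays $ReplicationLatencyDays
"Tombstone lifetime: $tombstoneDays days; max safe disconnection: $maxSafeDays days"

if ($AnticipatedDays -gt $maxSafeDays) {
    Write-Warning "Planned $AnticipatedDays days exceeds the safe period. Extend tombstoneLifetime or shorten the disconnection before shipping."
    return
}

if ($EnableStrictConsistency) {
    # Step 9: DWORD 1 under the NTDS parameters key turns on strict replication
    # consistency, so a partner that offers lingering objects is refused.
    $ntds = "HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters"
    Set-ItemProperty -Path $ntds -Name "Strict Replication Consistency" -Value 1 -Type DWord
}

# Step 12: label text for the chassis, with the latest safe reconnection date.
$now = Get-Date
"Label: disconnected $($now.ToString('u')); reconnect by $($now.AddDays($maxSafeDays).ToString('yyyy-MM-dd')); max safe period $maxSafeDays days"
```

Run it on the domain controller you are about to disconnect, after steps 4 through 8, and attach the printed label line to the machine.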

See Also

Concepts

Known Issues for Adding Domain Controllers in Remote Sites
Managing Operations Master Roles
Managing SYSVOL
Reconnecting a Domain Controller After a Long-Term Disconnection

Other Resources

Windows Server 2003 Technical Reference