I saw your previous post, just didn't get a chance to hit it yet. The answer, if I understand the question, is the schema.
Whether an attribute replicates or not is controlled by a bit in the systemFlags attribute. Bit 1 to be exact... So if you want to look at your AD and find out all attributes that don't replicate you do the following Adfind -schema -bit -f systemflags:AND:=1 ldapdisplayname In my main test forest which is 2K3 Native (brand new not 2K upgrade) with 2K3 installed (brand new not 2K upgrade) I get about or so non-replicating attributes. If I filter out backlinks (exercise for the class why you don't have to replicate back links...) with the following query Adfind -schema -bit -f "&(systemflags:AND:=1)(!(linkid:AND:=1))" ldapdisplayname I get 31 attributes and they are below... In the meanwhile, settings for DNS that don't get replicated are probably kept in the registry or some config file for DNS. joe [Thu 08/05/2004 18:39:11.21] F:\DEV\cpp\NetSess>Adfind -schema -bit -f "&(systemflags:AND:=1)(!(linkid:AND:=1))" ldapdisplayname AdFind V01.17.00cpp Joe Richards ([EMAIL PROTECTED]) May 2004 Transformed Filter: &(systemflags:1.2.840.113556.1.4.803:=1)(!(linkid:1.2.840.113556.1.4.803:=1) ) Using server: 2k3dc01.joe.com Base DN: CN=Schema,CN=Configuration,DC=joe,DC=com dn:CN=Last-Logoff,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: lastLogoff dn:CN=Last-Logon,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: lastLogon dn:CN=Bad-Password-Time,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: badPasswordTime dn:CN=Bad-Pwd-Count,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: badPwdCount dn:CN=Logon-Count,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: logonCount dn:CN=Repl-Property-Meta-Data,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: replPropertyMetaData dn:CN=Repl-UpToDate-Vector,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: replUpToDateVector dn:CN=Reps-From,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: repsFrom dn:CN=Reps-To,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: repsTo dn:CN=RID-Next-RID,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: rIDNextRID dn:CN=RID-Previous-Allocation-Pool,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: rIDPreviousAllocationPool dn:CN=Schema-Update,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: schemaUpdate dn:CN=Modified-Count,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: modifiedCount dn:CN=Server-State,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: serverState dn:CN=ms-DS-Cached-Membership,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: msDS-Cached-Membership dn:CN=ms-DS-Cached-Membership-Time-Stamp,CN=Schema,CN=Configuration,DC=joe,D C=com >lDAPDisplayName: msDS-Cached-Membership-Time-Stamp dn:CN=Sub-Refs,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: subRefs dn:CN=ms-DS-ExecuteScriptPassword,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: msDS-ExecuteScriptPassword dn:CN=DS-Core-Propagation-Data,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: dSCorePropagationData dn:CN=Obj-Dist-Name,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: distinguishedName dn:CN=Object-Guid,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: objectGUID dn:CN=ms-DS-ReplicationEpoch,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: msDS-ReplicationEpoch dn:CN=ms-DS-Retired-Repl-NC-Signatures,CN=Schema,CN=Configuration,DC=joe,DC= com >lDAPDisplayName: msDS-RetiredReplNCSignatures dn:CN=USN-Changed,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: uSNChanged dn:CN=USN-Created,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: uSNCreated dn:CN=Partial-Attribute-Deletion-List,CN=Schema,CN=Configuration,DC=joe,DC=c om >lDAPDisplayName: partialAttributeDeletionList dn:CN=Partial-Attribute-Set,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: partialAttributeSet dn:CN=USN-Last-Obj-Rem,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: uSNLastObjRem dn:CN=Pek-List,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: pekList dn:CN=When-Changed,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: whenChanged dn:CN=Prefix-Map,CN=Schema,CN=Configuration,DC=joe,DC=com >lDAPDisplayName: prefixMap 31 Objects returned [Thu 08/05/2004 18:39:15.40] F:\DEV\cpp\NetSess> -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Thursday, August 05, 2004 10:40 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] How do you determine if information about an object is replicted? (Resend as I did not see this hit the list yesterday) This is a learning question. Nothing is broken but I would like to know where some information is located. How can I tell and where do I go to find out what information is replicated in Active Directory at the DNS zone level itself. For example, if you create a new zone in AD, all the contents of the zone are replicated, all the information under the Start of Authority Tab is replicated, but the contents of the Zone Transfer tab are not. I guess what I'm really asking for is where is the list of all the objects that are replicated using AD located? In searching MSDN, I looked though the schema definitions but did not see a field indicating if it was replicated or not. I know that when a DNS zone is Active Directory Integrated, if you go into ADUC (or other methods) under System\MicrosoftDNS you see the replicated zone files and dnsnode information. But as far as I can see, the actual properties of the zone are not shown, just the contents. Thanks! List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
