Use_Notify configuration analysis for change notification replication
1 site link(s) do not have Use_Notify enabled. Without change notification, replication between sites follows the schedule interval (typically 15-180 minutes) rather than occurring immediately after changes.
Run with -EnableSiteLinks to enable Use_Notify on these site links.
KCC-generated connections inherit notify behavior from site links automatically.
1 manual connection(s) exist in this topology. Manual connections do not inherit Use_Notify from site links and require OVERRIDE_NOTIFY_DEFAULT (0x4) | USE_NOTIFY (0x8) set explicitly.
Run with -EnableSiteLinks to set notify flags on manual connections that lack them.
In most environments, KCC-managed connections are preferred; consider removing manual connections
and letting KCC manage the topology.
Site links define replication topology between AD sites. When Use_Notify (0x1) is enabled, domain controllers send change notifications across the link, enabling near-immediate replication instead of waiting for the scheduled interval.
| Name | Cost | Schedule (min) | Sites Included | Use_Notify | Options |
|---|---|---|---|---|---|
| LIVINGROOM-TO-KITCHEN | 100 | 15 | Living-Room, Kitchen | Enabled | 0x1 |
| BATHROOM-TO-CLOSET | 200 | 180 | Bathroom, Closet | Disabled | 0x0 |
| KITCHEN-TO-BATHROOM | 100 | 15 | Kitchen, Bathroom | Enabled | 0x1 |
Replication connections define the inbound replication path for each domain controller. Auto-generated connections (created by KCC) inherit Use_Notify from site links. Manual connections do not inherit from site links and are generally unnecessary.
Auto-Generated (KCC): Created automatically by the Knowledge Consistency Checker. These inherit notification behavior from site links. This is the recommended configuration.
Manual: Administrator-created connections. These do not inherit notify from site links and require both OVERRIDE_NOTIFY_DEFAULT (0x4) and USE_NOTIFY (0x8) to be set explicitly. In most environments, these should be removed in favor of KCC-managed connections.
| From Server | To Server | Site | Type | Notify | Options |
|---|---|---|---|---|---|
| STIMPY | REN | Living-Room | Auto (KCC) | Yes (from site link) | 0xD |
| REN | STIMPY | Living-Room | Auto (KCC) | Yes (from site link) | 0xD |
| REN | MUDDY-MUDSKIPPER | Kitchen | Auto (KCC) | Yes (from site link) | 0xD |
| MUDDY-MUDSKIPPER | POWDERED-TOAST | Bathroom | Auto (KCC) | No (site link not configured) | 0x1 |
| POWDERED-TOAST | MR-HORSE | Closet | Auto (KCC) | No (site link not configured) | 0x1 |
| STIMPY | MR-HORSE | Closet | Manual | No (manual connection) | 0x0 |
Per-partition notification timing stored on crossRef objects in CN=Partitions,CN=Configuration.
These AD attributes override the per-DC registry defaults for the specific naming context.
Queryable via repadmin /notifyopt.
msDS-Replication-Notify-First-DSA-Delay: Overrides the holdback timer (registry default: 15s) for this partition. Stored centrally in AD.
msDS-Replication-Notify-Subsequent-DSA-Delay: Overrides the inter-DSA delay (registry default: 3s) for this partition. Stored centrally in AD.
When set, these take precedence over the per-DC registry values for the corresponding naming context.
| Partition | DNS Root | First DSA Delay | Subsequent DSA Delay |
|---|---|---|---|
| Configuration | 15s default (15s) | 3s default (3s) | |
| DomainDnsZones | mikecrowley.us | 15s default (15s) | 3s default (3s) |
| ForestDnsZones | mikecrowley.us | 15s default (15s) | 3s default (3s) |
| mikecrowley | mikecrowley.us | 15s default (15s) | 3s default (3s) |
These registry settings control notification timing behavior on each domain controller. Values shown are effective settings (custom values or defaults).
Notify Pause After Modify (Holdback): Time to wait after a change before notifying the first partner. Default: 15 seconds (Server 2003+; was 300s on Win2000). Prevents excessive notifications during bulk changes.
Notify Pause Between DSAs: Delay between notifying each subsequent replication partner. Default: 3 seconds (Server 2003+; was 30s on Win2000). Spreads out replication load across partners.
AvoidPdcOnWan: When enabled (1), DCs won't urgently replicate password changes to PDC emulator if it's in a different site. Useful for branch offices with unreliable WAN links.
| Domain Controller | Holdback Timer | Inter-DSA Delay | AvoidPdcOnWan |
|---|---|---|---|
| REN | 15s default | 3s default | Disabled default |
| STIMPY | 15s default | 3s default | Disabled default |
| MUDDY-MUDSKIPPER | 5s custom | 3s default | Disabled default |
| POWDERED-TOAST | 15s default | 3s default | Enabled enabled |
| MR-HORSE | Connection Error: WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled. | ||
0x1 (bit 0) - NTDSSITELINK_OPT_USE_NOTIFY: Enables change notification. DCs notify partners of changes rather than waiting for the replication schedule.
0x2 (bit 1) - NTDSSITELINK_OPT_TWOWAY_SYNC: Enables reciprocal replication. Designed for dial-up/VPN scenarios where only one side can initiate.
0x4 (bit 2) - NTDSSITELINK_OPT_DISABLE_COMPRESSION: Disables inter-site replication compression on this link.
Bits 3-31 are reserved (must be zero).
0x01 (bit 0) - NTDSCONN_OPT_IS_GENERATED: Auto-generated by KCC. These inherit notification settings from site links.
0x02 (bit 1) - NTDSCONN_OPT_TWOWAY_SYNC: Reciprocal replication for this connection.
0x04 (bit 2) - NTDSCONN_OPT_OVERRIDE_NOTIFY_DEFAULT: Required to override the site link's notification behavior on this connection.
0x08 (bit 3) - NTDSCONN_OPT_USE_NOTIFY: Enables change notification. Only effective when OVERRIDE_NOTIFY_DEFAULT is also set.
0x10 (bit 4) - NTDSCONN_OPT_DISABLE_INTERSITE_COMPRESSION: Disables compression of replication data on this connection.
0x20 (bit 5) - NTDSCONN_OPT_USER_OWNED_SCHEDULE: KCC will not overwrite the schedule attribute on this connection.
0x40 (bit 6) - NTDSCONN_OPT_RODC_TOPOLOGY: Used by FRS replication only; ignored by DRS replication.
Bits 7-31 are reserved (must be zero).
KCC propagation: USE_NOTIFY (0x1) on a site link causes KCC to set OVERRIDE_NOTIFY_DEFAULT | USE_NOTIFY (0x4 | 0x8 = 0xC) on auto-generated connections. Configuring site links is the recommended approach.