This article describes how to use the DNSLint utility to troubleshoot Active Directory replication issues.
The Active Directory is a distributed database. It is used to store information about objects on a network and to permit users to access this information. Active Directory replication is used to synchronize partition replicas among domain controllers in an Active Directory forest. This replication process permits users to access information from wherever they are on the network. When this replication process does not work as designed, users may experience an interruption in the services that rely on information from the Active Directory: domain logon and access to network resources, such as files and printers.
Active Directory replication relies on the Domain Name System (DNS) to resolve names to IP addresses as needed. An Active Directory domain controller typically registers a variety of DNS records with its configured DNS server when its netlogon service starts. DNSLint is a Microsoft Windows utility that runs on Windows 2000-and-later operating systems. Among other uses, it can help you troubleshoot Active Directory replication issues. Specifically, it can help you determine two things:
|•||Whether all DNS servers that are supposed to be authoritative for the root of an Active Directory forest actually have the necessary DNS records to successfully synchronize partition replicas among domain controllers in an Active Directory forest. DNSLint identifies which DNS records are missing from each authoritative DNS server.|
|•||Whether a particular Active Directory domain controller can resolve all of the necessary DNS records to successfully synchronizing partition replicas among domain controllers in an Active Directory forest. DNSLint identifies which DNS records cannot be resolved by the domain controller being tested.|