11.29. Disabling the KCC for a Site
Problem
You want to disable the KCC for a site and generate your own replication connections between domain controllers.
Solution
Using a graphical user interface
Open ADSI Edit.
Connect to the Configuration Naming Context if it is not already displayed.
In the left pane, browse the Configuration Naming Context → Sites.
Click on the site you want to disable the KCC for.
In the right pane, double-click
CN=NTDS
Site
Settings
.Modify the
options
attribute. To disable only intra-site topology generation, enable the 00001 bit (decimal 1). To disable inter-site topology generation, enable the 10000 bit (decimal 16). To disable both, enable the 10001 bits (decimal 17).Click OK.
Using a command-line interface
You can disable the
KCC
for <SiteName>
by using the
ldifde
utility and an LDIF file that contains the
following:
dn: cn=NTDS Site Settings,<SiteName
>,cn=sites,cn=configuration,<ForestRootDN
> changetype: modify replace: options options: <OptionsValue
> -
If the LDIF file were named disable_kcc.ldf, you would run the following command:
> ldifde -v -i -f disable_kcc.ldf
Using VBScript
' This code disables the KCC for a site.
' ------ SCRIPT CONFIGURATION ------
strSiteName = "<SiteName
>" ' e.g. Default-First-Site-Name boolDisableIntra = TRUE ' set to TRUE/FALSE to disable/enable intra-site boolDisableInter = TRUE ' set to TRUE/FALSE to disable/enable inter-site ' ------ END CONFIGURATION --------- strAttr = "options" set objRootDSE = GetObject("LDAP://RootDSE") set ...
Get Active Directory Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.