Creating the Directory Replicator service does not have to be difficult.
Keeping it working properly, however, can be frustrating.
To install NT's Directory Replicator service, you need to have an export
server and one or more import servers.
On the export server, open User Manager for Domains in the
Administrative Tools. At the Primary Domain Controller (PDC), create a new user
that is a default member of the Domain Users group. I named this user REPL. Be
sure you clear the "User must change password at next logon" checkbox.
Open Control Panel and run the Services applet. Choose Startup for the
Directory Replicator service, and change the Startup Type from Manual to
Automatic. In the Log On As control, choose This Account. Click the browse
button on the right side of the window, and locate the new user account you
added in step 1. Double-click the account name, add the appropriate password,
and click OK. The system will display the message that NT has granted the domain
user the right to Log On As Service and added this user account to the
Replicator local group, as you see in Screen 1. (NT also adds the user
account to the local Backup Operators group.) Click OK on the message box.
Open Server Manager in the Administrative Tools, and double-click the
name of the server on your network that you want to export files from. Click the
Replication button, and select Export Directories, as you see in Screen 2.
The \winnt\system32\repl\export directory is the default export
directory. Click the Add button, and add the names of the machines (either
workstations or servers) that you want to export files to. Choose Manage to
conFigure specific directories for export. By default, NT replicates (exports)
the scripts directory. In addition, I usually click the entire subtree setting.
Choose OK to exit the dialog box. A message will appear that tells you NT
is attempting to start the Directory Replicator service. If it does not start,
check the application log in Event Viewer for application or network errors
related to this service.
The final step is to log on to the import computers and repeat step 3 for
the import directories. Open Server Manager, and click the Replication button.
Choose Add, and specify the name of the export server.
Close the dialog box after you specify the export server and conFigure the
import path. Replication will begin within several minutes. Screen 3
shows files successfully replicated to an import client from an export
server.
I always give the replication user explicit full control permissions to the
import directories on the import systems and the export directories on the
export system.
Does the application log in Event Viewer show any messages for the
Directory Replicator service? I have seen both application and network errors.
Try to determine the cause of the message (most messages are numbers; go to a
command prompt and type
Net Helpmsg "msg#"
to get an explanation of the problem). Check the application logs on the
import and export systems.
If you are importing files to multiple systems, check whether all the
machines exhibit the same problems. If not, you know the problem is system
specific and probably relates to a permission or setup issue.
What time zones are the import and export computers running in?
Replication is time dependent, so time delays could affect the replication of
your files. In local domains, always synchronize the time between the export and
import computers.
Does the import computer have Backup Operator privileges. At a minimum,
the \import directory and \import\scripts directory must have change
permissions. The Backup Operators group must also have permission to back up and
restore files and directories. If these permissions are not set, you will see
errors 5, 1300, and 1307 in the application log in Event Viewer.
Are the import and export computers in different domains? If so, make
sure the password and username are the same in both domains, and that the
domains trust each other.
Make sure the files or directories you are replicating don't have any
extended attributes (e.g., special access). These extended attributes can cause
replication problems.
If either the export directory or the import directories are on an NTFS
partition, use NT Explorer or File Manager to look at the access control lists
(ACLs) on the import and export trees. Make sure the Replicator local group has
at least change permissions for these directories.
Check to see whether a user account has a file always open on either the
import or export computer. If so, you will see a file open error (error
32) as a sharing violation in the Event Log on both of the machines.
Make sure you can locate a REPL$ share on the export computer (the
Directory Replicator service creates this share). The Directory
Replication dialog box also sets an ACL for the REPL$ share. Using the Net
command or other means to create the REPL$ share will probably cause problems.
Run the Net Start command on the export and import computers, and
make sure both computers list the Directory Replicator (or equivalent) service.
If either the import directory or the export directory is on an NTFS
partition, do any of the same files in these directories differ only by case?
Unfortunately, you can't predict which file NT will replicate in this situation.
For example, the export computer may send a file with a lowercase filename, and
the import computer may receive a file with an uppercase filename. This
situation results in the replication being out of sync.
If the export computer is running OS/2 or UNIX and the import computer
is running NT, is the export computer's local time within half an hour of the
import computer's time? If not, the NT network redirector will produce time
conflicts and cause the system to try to copy everything again and again. In
this situation, replication may never occur.
Some versions of the OS/2 importer leave the archive bit set for all
files imported, regardless of whether the bit was set on the export side. This
situation can result in continuous copying. One workaround is to set the archive
bit for all files on the export computer (NT to NT replication correctly clones
the archive bit).
Some LAN Manager 2.1a import computers do not set their status file to
OK.RP$ (replication is OK). The Directory Replicator service won't recopy files
each time the export computer sends files to the import computer, but the
service will compare the files. Except for not establishing the correct state of
the status file, the service correctly replicates the files. This behavior does
not occur on LAN Manager 2.2 importers.
Some versions of LAN Manager for OS/2 and UNIX allow hard disk files
with reserved names, such as LPT1 or COM1. Do not use such file names.
LAN Manager for OS/2 has a design limitation that prevents it from using
more than one set of credentials (a username and password) at a time.
That way, for example, if a user interactively logs on with one user ID and the
Directory Replicator service tries to use a different user ID, the Directory
Replicator service can't replicate any files until the interactive user logs
off. However, if the interactive user and the Replicator user have the same user
ID, replication is possible, depending on the value of the TryUser value in the
lanman.ini file. (The system determines the setting of the TryUser value.)
Import computers running LAN Manager for OS/2 and UNIX are generally
limited to 1000 files per directory (keep in mind that the "." and the
".." directory entries use 2 of these 1000 entries).
Are you replicating files from a High-Performance File System (HPFS)
partition (written by OS/2) to an NT server? If any of these files have extended
attributes, you might run into problems. OS/2 might have written the extended
attributes in discontiguous parts of the export hard disk, and NT does not
support this structure. The Directory Replicator service includes the extended
attributes sizes in its checksums, and these values may be wrong in this
situation. Wrong values could cause directory replication to stay out of sync
permanently. You can use NT to rewrite the same values for the extended
attributes to one contiguous area, if you know their original values.
If a router separates the import and export computers, go to
Replication under the Server applet in the Control Panel and add their machine
names to the export To List and the export machine name to the import From List.
This step forces name resolution across the router and should synchronize the
computers with the domain.
I've had good luck using NT's Directory Replicator service across a local
domain. However, I've encountered problems when trying to replicate files across
multiple domains where routers and switches are involved. In these situations, I
recommend an application such as Octopus Super Automatic Switch Over (SASO) 2.0
(for a review, see Carlos Bernal, "Octopus SASO 2.0," June 1997).
Previous
Register
