Subcommands Not Covered Under the Previous Scenarios
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2, Windows Server 2008, Windows Server 2008 R2
This topic covers additional subcommands that you can use with repadmin.
Display replication features
The repadmin /bind command connects to, and displays the replication features for a directory partition on a domain controller.
Syntax
repadmin /bind <DC_LIST>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
Example: Display replication features on the local domain controller, which is running Windows Server 2003
Note that the LINKED_VALUE_REPLICATION is set to NO because the forest functional level is set to Windows 2000 instead of Windows Server 2003.
.gif "Repadmin /bind")
Server object GUID (DSA GUID) & Database GUID
The repadmin /dsaguid command returns a server name when given a globally unique identifier (GUID).
Syntax
repadmin /dsaguid <DC_LIST> <GUID>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
<GUID> |
Specifies the unique hexadecimal number that identifies the domain controller. The globally unique identifier (GUID) can be retrieved by using the showreps operation. |
Example: Display the domain controller name when given a GUID
Look at the usage of “.” here for <DC_LIST>.
.gif "Repadmin /dsaguid")
Please refer to repadmin /showrepl for a detailed explanation and difference between DSA GUID and Database GUID.
Certificates loaded on a domain controller
The repadmin /showcert command displays the server certificates loaded on a specified domain controller.
Syntax
repadmin /showcert <DC_LIST>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
Retired Application partition GUIDs (signature)
Each domain controller has a naming context signature list. The repadmin /showncsig command displays a list of the removed application directory partition GUIDs. An application directory partition can be configured to be held or not held on a particular domain controller by using ntdsutil.
Syntax
repadmin /showncsig <DC_LIST>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
Example: Display the recently retired ForestDnsZone application directory partition on the local domain controller
.gif "Repadmin /showncsig")
The following information is displayed in figure 3.12.4:
Partition name
InvocationID at the time of removal
Highest update sequence number (USN) at the time of removal
Date of removal
Unanswered replication calls
The repadmin /showoutcalls command displays calls that have not yet been answered, made by the specified domain controller to other domain controllers.
Syntax
repadmin /showoutcalls <DC_LIST>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
Example: Hub domain controller waiting for the request to be answered from a spoke domain controller
.gif "Repadmin /showoutcalls")
showproxy
Lists cross domain move proxy objects. When an object is moved to another domain, a marker is left in the old domain indicating that the object used to be there. This is called the proxy.
Syntax1
repadmin /showproxy <DC_LIST> <NamingContext> [matchstring]
Syntax2
repadmin /showproxy <DC_LIST> <ObjectDN> [matchstring] /movedobject
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
<NamingContext> |
Specifies the distinguished name of the directory partition on the source domain controller. |
matchstring |
Specifies the distinguished name of the object. |
<ObjectDN> |
Specifies a filter for the output. Type a string of characters that must be present in the distinguished name in order to display the object. |
/movedobject |
Displays a history of information from the original domain on a moved object after it has reached the new domain. |
Retired Database GUIDs (signature)
The repadmin /showsig command displays the retired InvocationIDs on a domain controller. A domain controller changes its InvocationID on being restored or when re-hosting an application partition.
Syntax
repadmin /showsig <DC_LIST>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
Example 1: Simple usage of no retired signatures
.gif "Repadmin /showsig")
Example 2: Simple usage of retired signature
.gif "Repadmin /showsig")
Convert directory service time to readable time
The repadmin /showtime command converts a directory service time value to string format for both the local and the Coordinated Universal Time (UTC) time zones.
Syntax
repadmin /showtime <DSTimeValue>
Parameter |
Description |
<DSTimeValue> |
Specifies the time value that needs to be converted. |
Note
With parameters omitted, repadmin /showtime displays the current system time in both the directory service format and string format.
Example 1: Usage with directory service time format
.gif "Repadmin /showtime")
Example 2: Current system time
.gif "Repadmin /showtime")
Active Directory domains trusted by domain controller
The repadmin /showtrust command lists all Active Directory domains (in the same forest) that are trusted by the specified domain controller’s domain.
Syntax
repadmin /showtrust <DC_LIST>
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers, separated by a space. For details about <DC_LIST>, see repadmin /listhelp. |
Example: Display Active Directory domains that are trusted by the domain of the local domain controller
.gif "Repadmin /showtrust")
Linked Distinguished Name values
The repadmin /showvalue command is used to list only linked distinguished name values. Linked distinguished name values can also be obtained by the repadmin /showobjmeta subcommand with the /linked switch.
Syntax
repadmin /showvalue <DC_LIST> ObjectDN <AttributeName> <ValueDN> [/nocache]
Parameter |
Description |
<DC_LIST> |
Specifies the host name of a domain controller, or a list of domain controllers, separated by a space. For details about DC_LIST, see repadmin /listhelp. |
<ObjectDN> |
Specifies the distinguished name of the object. |
<AttributeName> |
Specifies a single attribute whose value you want to display. |
<ValueDN> |
Specifies the distinguished name of the attribute that is displayed. |
/nocache |
Specifies that GUIDs are left in hexadecimal form. By default, GUIDs are translated into strings. |
Example: Display members of the Domain Admins group
Note that showvalue lists value for only forward links. Backward links (such as memberOf) are not obtained.
.gif "Repadmin /showvalue")