Thursday, March 10, 2011

How to manually move the ISTG role to another server

The Knowledge Consistency Checker (KCC) is an Active Directory component that is responsible for the generation of the replication topology between domain controllers. One domain controller per site holds the Inter-Site Topology Generator (ISTG) role, which is responsible for managing the inbound replication connection objects for all bridgehead servers in the site in which it is located.

If you have more than one domain controller in your organization, the ISTG is the DC responsible for creating the <automatically generated> connection objects that you see in Active Directory Sites and Services, as shown below:


The ISTG role is fairly "sticky".  The first domain controller promoted in a site takes on the ISTG role, and the role does not change as additional domain controllers are added to the site.  If the current ISTG becomes unavailable for 60 minutes, an election is held by the other DCs in the site to appoint a new ISTG.  This can sometimes cause problems for Active Directory replication. 

Consider the following scenario. Your domain contains two sites, SiteA and SiteB.  Each site has two DCs for redundancy and high availability - DC1 and DC2 in SiteA, and DC3 and DC4 in SiteB.  If both sites are connected to each other using DC1 and DC3 and those servers happen to be the ISTG servers for the two sites, it will take over 60 minutes to create new automatic connections if either of those two servers becomes unavailable.  To overcome this, manually move the ISTG to another server.  Here's how to do it.
  1. Open ADSIEDIT.msc
  2. Expand Configuration [DomainController].
  3. Expand CN=Configuration,DC=<domain>,DC=<com>.
  4. Expand CN=Sites.
  5. Highlight CN=<sitename> for the site where you want to change the ISTG Server.
  6. In the details pane, right-click on CN=NTDS Site Settings and select Properties.
  7. Locate the interSiteTopologyGenerator attribute and you will see which Domain Controller is designated as the ISTG server.
  8. To change the server, click Edit and then change the server name, as shown below.

4:54 PM