Enable Strict Replication Consistency

If your Domain had existed pre Windows 2003 you have to run the following command:

  1. Open Nodepad and add the text (NO WHITE-SPACES AT THE END):
    1. dn: CN=94fdebc6-8eeb-4640-80de-ec52b9ca17fa,CN=Operations,CN=ForestUpdates,CN=Configuration,DC=<contoso>,DC=<com>
    2. changetype: add
      objectClass: container
    3. showInAdvancedViewOnly: TRUE
    4. name: 94fdebc6-8eeb-4640-80de-ec52b9ca17fa
    5. objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=<contoso>,DC=<com>
  2. Save the File As EnableSTC.ldf
  3. Open elevated command prompt, navigate to the place where you saved the file
  4. Run “ldifde.exe -i -f EnableSTC.ldf

Don’t forget to enable it on your existing DCs as well using:

  1. Regedit: HKLM\SYSTEM\ControlSetXXX\Services\NTDS\Parameters
  2. Create “Strict Replication Consistency” as a new DWORD with the value “1”