PROBLEM: You need to check if two domain controllers are in sync with each other.
SOLUTION: To do this you need to understand a bit about how Active Directory reports if a domain controller replication is in sync. There is something called a UTDV up-to-dateness vector that is basically a number representing what the domain controller thinks the latest version of the active directory database is.
If you interrogate DC01 and that thinks itself has a USN (I.e the UTDV) of 1552480, you then interrogate DC02 and that thinks DC01 USN is: 1552480 then you can conclude that both the domain controllers are in-sync.
So to check this you would run the commands below each domain controller DC01 and DC02 in turn to check the status:
repadmin /showutvec DC01 dc=domain,dc=local
SITE1\DC01 @ USN 1552480 @ Time 2011-02-13 13:09:30
SITE2\DC02 @ USN 1438130 @ Time 2011-02-13 12:57:31
repadmin /showutvec DC02 dc=domain,dc=local
SITE1\DC01 @ USN 1552123 @ Time 2011-02-13 13:03:29
SITE2\DC02 @ USN 1438145 @ Time 2011-02-13 13:57:31
So in this example, the USNs (up to date-ness vectors) are not the same, so the domain controllers are no in sync. DC01 thinks its USN (UTDV) is 1552480 while DC02 thinks that DC01’s USN is: 1552123. Now in the example below:
repadmin /showutvec DC01 dc=domain,dc=local
SITE1\DC01 @ USN 1552505 @ Time 2011-02-13 13:18:40
SITE2\DC02 @ USN 1438188 @ Time 2011-02-13 13:15:37
repadmin /showutvec DC02 dc=domain,dc=local
SITE1\DC01 @ USN 1552505 @ Time 2011-02-13 13:16:37
SITE2\DC02 @ USN 1438224 @ Time 2011-02-13 13:19:31
DC01 thinks its USN is: 1552505, and DC02 thinks that is also 1552505 too. Meaning they are in sync.
However you’ll notice that DC01 thinks that DC02 USN is: 1438188 while DC02 thinks its USN is: 1438224, because DC02 has a higher USN that DC01 it means there are un-replicated changes waiting to go from DC02 to DC01.