PassSync and Multiple AD domain controllers

Posted on

I have a question about the password synchronization between AD and RDS 10.1.

The documentation states that the PassSync utility should be installed on EVERY Domain Controller. Yet it also states that there should be only ONE replication agreement created for the entire domain.

How do I reconcile this?
Do I create one agreement between my master RDS (I have 2) and one AD Domain Controller but install the PassSync utility on all the DCs in the domain? Or is there a way to specify multiple DCs in the replication agreement that I set up on the RDS?

The documentation seems to acknowledge that you can have multiple domain controllers, but does not address how to work with more than one.

Thank you,