JSI Tip 9857. When you use the Group Policy Object Editor on Windows XP, or Windows Server 2003, and change a GPO on a remote domain controller, it takes a long time for the changes to become effective?

When you use the Group Policy Object Editor to modify a GPO on a remote domain controller, the changes take a long time to become effective.

The behavior will occur if the remote domain controller is not in the PKT (Partition Knowledge Table) cache, which only holds 35 target domain controllers per domain in the DFS (Distributed File System) list. This causes the change to wait on the FRS (File Replication Service) schedule to replicate changes to the SYSVOL share.

To workaround this issue when the dfsutil /pktinfo commands does not show the remote domain controller, you can log on to the remote DC using terminal services, and change the GPO, or you can force replication:

ntfrsutl forcerepl DestinationDC /r "SYSVOLshare" /p SourceDC.DomainName.com

Where:

DestinationDC           is the name of the computer that is running the FRS service.SYSVOLshare             is the name of the replica set. The quote marks are required.SourceDC.DomainName.com is the fully qualified name of the remote DC.