Active Directory Lightweight Directory Services – Replication

Replicating an AD LDS instance is quite simple. First, install the AD LDS role on the second server. Next, launch the Active Directory Lightweight Directory Services Setup Wizard. Select “A replica of an existing instance”.


Name the instance appropriately and select the appropriate LDAP and LDAPS ports. Enter the FQDN of the first AD LDS server and the port that its AD LDS instance is listening on. The LDAP port must be either TCP/389 or a TCP port between 1025 and 65535.


Enter an account that has Administrative credentials on the instance (e.g. a Local Administrator). Select the Application Partition(s) to replicate.


Note that as future Application Partitions are added to the AD LDS instance, they will automatically be replicated.

Select the file location for the AD LDS instance as well as what account the Windows Service will run as. Choose an Instance administrator. Finally, the AD LDS instance will be set up and begin replication.


If LDAPS (SSL) is to be used on the server hosting the replicated instance, a certificate must be created and SSL set up there, just as on the primary server hosting AD LDS.
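The values entered in the wizard can be checked on the second server before running it. The following is an added example, not part of the original post: the function names, the host name `adlds01.example.com` and the port numbers are placeholders, and the port rule applied is the one stated above for the LDAP port.

```powershell
# Added example: pre-flight checks for the replica wizard inputs.
# Function names, host name and port values are placeholders.
function Test-AdLdsLdapPort {
    param([Parameter(Mandatory)][int]$Port)
    # Rule from the post: TCP/389, or a TCP port between 1025 and 65535.
    return ($Port -eq 389) -or ($Port -ge 1025 -and $Port -le 65535)
}

function Test-AdLdsReplicaPreflight {
    param(
        [Parameter(Mandatory)][string]$SourceServer,
        [Parameter(Mandatory)][int]$SourceLdapPort,
        [Parameter(Mandatory)][int]$LocalLdapPort,
        [Parameter(Mandatory)][int]$LocalLdapsPort
    )
    $problems = [System.Collections.Generic.List[string]]::new()

    if (-not (Test-AdLdsLdapPort -Port $LocalLdapPort)) {
        $problems.Add("LDAP port $LocalLdapPort is not 389 or in 1025-65535.")
    }
    if ($LocalLdapPort -eq $LocalLdapsPort) {
        $problems.Add("LDAP and LDAPS cannot share port $LocalLdapPort.")
    }

    # A port already bound by another service on this server cannot be reused.
    $listening = (Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue).LocalPort
    foreach ($p in $LocalLdapPort, $LocalLdapsPort) {
        if ($listening -contains $p) { $problems.Add("Local TCP port $p is already in use.") }
    }

    # The wizard has to reach the first AD LDS server on its LDAP port.
    $reach = Test-NetConnection -ComputerName $SourceServer -Port $SourceLdapPort `
        -WarningAction SilentlyContinue
    if (-not $reach.TcpTestSucceeded) {
        $problems.Add("Cannot reach ${SourceServer}:$SourceLdapPort over TCP.")
    }

    [pscustomobject]@{ Ready = ($problems.Count -eq 0); Problems = $problems }
}

# Example call with placeholder values.
Test-AdLdsReplicaPreflight -SourceServer 'adlds01.example.com' -SourceLdapPort 50000 `
    -LocalLdapPort 50000 -LocalLdapsPort 50001
```

A `Ready` value of `False` comes with the list of reasons in `Problems`, so a blocked firewall port or a port conflict is found before the wizard fails partway through.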

Trevor Seward is a Microsoft Office Apps and Services MVP who specializes in SharePoint Server administration, hybrid scenarios, and SharePoint Online. He has been working with SharePoint for 16 years from SharePoint 2003 on up, managing environments with terabytes of content for 150,000+ user organizations. Trevor is an author of Deploying SharePoint 2016 and Deploying SharePoint 2019. You can find him on Twitter and in /r/sharepoint.