Let’s say you want to isolate a domain controller for a certain time, you would issue the command:
repadmin /options +DISABLE_INBOUND_REPL or/and +DISABLE_OUTBOUND_REPL
normally this command requires Domain Admin/Enterprise Admin privileges.
Why and how to change that below.. first the usual warnings:
Playing with ADSIEDIT could damage your domain, please test everything in a lab environment first blabla.