Link to home
Start Free TrialLog in
Avatar of Tyler-Roy
Tyler-Roy

asked on

DSGETDCNAME advertising test failing. SYSVOL and NETLOGON shares not replicating. Please help!!!

Hello all. I have just joined this community, and I have to say out of sheer desperation. I have been working on this issue for days now and can not seem to find a solution. I am praying that someone here might be able to help me...

I'll keep it as to the point as I can. We have a Windows Server 2003 VM ("retired1") acting as a DHCP, DNS, ADDC and GC server. It also held FSMO. it is being hosted by Windows Server 2012 Hyper-V.

We added a second VM ("retired2012"). It is Windows Server 2012. I promoted it to a DC and replicated AD, DHCP and DNS. I transferred FSMO but kept the GC at retired1.

However, FRS replication did not replicate SYSVOL or NETLOGON shares. This is problem A. Without this, I cannot demote retired1 because retired2012 will not allow user logins.

Problem B. After running: "dcdiag /test:advertising" I get an error saying:


   Testing server: Default-First-Site\RETIRED2012

      Starting test: Advertising

         Warning: DsGetDcName returned information for

         \\retired1.RetireFirst.local, when we were trying to reach

         RETIRED2012.

         SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.

         ......................... RETIRED2012 failed test Advertising

So without this passing, FRS can not complete replication of SYSVOL or NETLOGON shares. A brief summary of what I have tried.

Checked for multiple NICs. Checked firewall rules to allow for replication. Performed D2 non authoritative restore of shares. Re registered DNS. Restarted net login services on all DCs. Checked DNS records for errors (could have missed something though). Set each DC to own DNS server and also tried to common retired1 for DNS. Among others...

Once again I implore anyone who can help to please lend a hand. It would be greatly appreciated!

I can post any additional data you may want to look at. I just wanted to provide a summary to start. Thank you in advance!
Avatar of Sandesh Dubey
Sandesh Dubey
Flag of India image

As sysvol is not replicated you need to perfrom authorative and non authorative of sysvol folder to fix the same.Assuming you have two DC Win2003 and Win2012.On 2003DC ran D4(auth restore) and on 2012DC ran D2(nonauth restore).Refer below link:http://support.microsoft.com/kb/290762

Take the backup of policies and script folder from 2003DC and copy the same to alternate location before you proceed.

Configure authorative time server on the PDC role holder server below is the KB article for the same.http://support.microsoft.com/kb/816042

Also disable time sync from host to VM server:http://jorgequestforknowledge.wordpress.com/2011/09/14/time-sync-recommendations-for-virtual-dcs-on-hyper-v-change-in-recommendations/

Ensure correct dns setting as this:http://abhijitw.wordpress.com/2012/03/03/best-practices-for-dns-client-settings-on-domain-controller/

Hope this helps
ASKER CERTIFIED SOLUTION
Avatar of Sarang Tinguria
Sarang Tinguria
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Tyler-Roy
Tyler-Roy

ASKER

To both of you:

Thank you! Everything I had read from Microsoft had said that a D4 restore should not be attempted except as a very last resort. I did try it earlier on, but it did not work. I think the problem was that before I had restarted NETLOGON as well when apparently it was not needed and actually prevented proper replication.

DCDIAG now passes advertising; sysvol and netlogon are replicating properly it says. A great test I think will be to shut down the old DC and try to connect a client computer to the domain. If netlogon successfully replicated, it should work. Then I can run the demotion of the old server.

Thank you again! I will keep you UTD with my tests now to ensure no fall backs to this problem!
Just out of curiosity, I clicked accept multiple solutions and now I can only select one. Howdy I select the other answer as correct as well?
Lost many hours today trying "the entire internet" lol. Accepted solution solved in 10 minutes!

A Big Thank You
Hi _ i need clarification on what you wrote - browse \\WorkingDC.domain.local copy sysvol & netlogon and keep backup on ProblemDC &  WorkingDC (If can not browse check network connectivity/Port and don't proceed further)

Go to WorkingDC  stop NTFRS service open regedit and go to "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup" change the burflag value to D4 Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now Go to ProblemDC  stop NTFRS service open regedit go to "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at <samp>Startup" change the burflag value to D2 -> Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now

my "Dc-bad" no longer has sysvol and netlogon shares available.   It's repl partner in same domain is from another site.  Do I select the "workingDC" as the repl partner or select the PDC of this domain to perform this action ?  

I obviously don't want to foul it up.  Please reply when you can.
Thx
John