We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Is there anyway to bring back a sysvol folder structure back to life?

zenportafino
zenportafino asked
on
Medium Priority
1,865 Views
Last Modified: 2012-06-27
I have a network with 2 DC's that that are having all kinds of problems.  The directory structure for the sysvol folder  "policies" is missing  on both. There are backups available that go back a couple months but the problems have been around much longer than that.

Is there anyway to fix this without a good backup or wiping out the DC's?
Comment
Watch Question

What server OS are you using? I am assuming one is a PDC and the other a BDC?

Author

Commented:
Win 2000 SP4 One holds all master roles.
Top Expert 2004

Commented:
Hi,

Take a look at this link which I think describes what you need to do,

Group Policy Error Message When Appropriate Sysvol Contents Are Missing
http://support.microsoft.com/default.aspx?scid=kb;EN-US;253268

Deb :))
hi,
The problem you mention may have been caused by the most common problem in AD. (DNS)

please run netdiag on your servers from a dos prompt and let me know what they say.
That will DEFINITELY point us in the direction needed.

By the way, netdiag is not installed into windows by itself.
you must extract it from the windows 2000 cdrom under the \support\tools\support.cab

you could run the setup.exe in that folder, but that would install ALL the support tools.
All we need at this time is the netdiag.exe

When you run netdiag (on any win2k pro or server) it will save a text file in the same folder from which you executed the netdiag command. the file will be called netdiag.log

please paste the content here for our review.

thanks,
haresh

Author

Commented:
Sorry that I have not posted the results of netdiag yet but I can tell you that DNS failed.  It was the only item that failed.
welcome to windows 2000.

DNS is to windows 2000
like AIR is to humans.

make sure your machines have ONLY active directory machines listed for DNS.
Don't have ANY of your machines using a real DNS number anywhere !!!

the only one place in your entire organization where the REAL DNS should be entered,
is in the FORWARDING tab in the properties of your DNS SERVICE.
open up the mmc for DNS, and go to properties of the servername.
then go to forwarding. that's the only place a real DNS should ever be entered anywhere on the whole network!

I repeat this over and over in my advanced networking training,
because it's extremely important to get AD working properly.

Think of it like your network currently has Asthma.
fix the DNS entries in your TCP settings on all machines,
and reboot. and take a long deep breath of name resolution bliss.

haresh
sorry, it's too late for me, I must sleep now. 4:42 am ????
seeya

Author

Commented:
Only our ISP DNS is in the forwarders tab. All systems point to our main DNS server.  I've called microsoft and opened a case on it.  I'll be running ultrasound on the system to monitor sysvol and FRS activity for the next few days.  I'll let you know what happens. In the mean time, feel free to post.
if you post the netdiag results, I can give you a more detailed answer.

haresh

Author

Commented:
Microsoft Windows 2000 [Version 5.00.2195]
(C) Copyright 1985-2000 Microsoft Corp.

U:\>netdiag

.....................................

    Computer Name: EXS1
    DNS Host Name: EXS1.ExsinOrange.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 6 Model 6 Stepping 5, GenuineIntel
    List of installed hotfixes :
        KB329115
        KB823182
        KB823559
        KB824105
        KB824141
        KB824146
        KB825119
        KB826232
        KB828028
        KB828035
        KB828749
        Q147222
        Q828026


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : EXS1
        IP Address . . . . . . . . : 10.0.0.2
        Subnet Mask. . . . . . . . : 255.0.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . : 10.0.0.4


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'EXS1.ExsinOrange.com.'. [RCODE_SERVER_FAILURE]
            The name 'EXS1.ExsinOrange.com.' may not be registered in DNS.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.0.0.4'. Please wait for 30 minutes for DNS server
 replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

U:\>netdiag

.....................................

    Computer Name: EXS1
    DNS Host Name: EXS1.ExsinOrange.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 6 Model 6 Stepping 5, GenuineIntel
    List of installed hotfixes :
        KB329115
        KB823182
        KB823559
        KB824105
        KB824141
        KB824146
        KB825119
        KB826232
        KB828028
        KB828035
        KB828749
        Q147222
        Q828026


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : EXS1
        IP Address . . . . . . . . : 10.0.0.2
        Subnet Mask. . . . . . . . : 255.0.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . : 10.0.0.4


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Failed
          [WARNING] Cannot find a primary authoritative DNS server for the name
            'EXS1.ExsinOrange.com.'. [RCODE_SERVER_FAILURE]
            The name 'EXS1.ExsinOrange.com.' may not be registered in DNS.
    [WARNING] The DNS entries for this DC are not registered correctly on DNS server '10.0.0.4'. Please wait for 30 minutes for DNS server
 replication.
    [FATAL] No DNS servers have the DNS records for this DC registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

U:\>
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
Thanks haresh.  Looks like your suggestion cleared up the DNS issue.  I re booted both DC's and the policies folder is still gone. Tommorow I will try re creating the sysvol structure, create some policies on DC1 and do an authoritative restore to see if that works.  Thanks again...
.....................................

    Computer Name: EXS1
    DNS Host Name: EXS1.ExsinOrange.com
    System info : Windows 2000 Server (Build 2195)
    Processor : x86 Family 6 Model 6 Stepping 5, GenuineIntel
    List of installed hotfixes :
        KB329115
        KB823182
        KB823559
        KB824105
        KB824141
        KB824146
        KB825119
        KB826232
        KB828028
        KB828035
        KB828749
        Q147222
        Q828026


Netcard queries test . . . . . . . : Passed



Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : EXS1
        IP Address . . . . . . . . : 10.0.0.2
        Subnet Mask. . . . . . . . : 255.0.0.0
        Default Gateway. . . . . . :
        Dns Servers. . . . . . . . : 10.0.0.2


        AutoConfiguration results. . . . . . : Passed

        Default gateway test . . . : Skipped
            [WARNING] No gateways defined for this adapter.

        NetBT name test. . . . . . : Passed
            No remote names have been found.

        WINS service test. . . . . : Skipped
            There are no WINS servers configured for this interface.


Global results:


Domain membership test . . . . . . : Passed


NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    1 NetBt transport currently configured.


Autonet address test . . . . . . . : Passed


IP loopback ping test. . . . . . . : Passed


Default gateway test . . . . . . . : Failed

    [FATAL] NO GATEWAYS ARE REACHABLE.
    You have no connectivity to other network segments.
    If you configured the IP protocol manually then
    you need to add at least one valid gateway.


NetBT name test. . . . . . . . . . : Passed


Winsock test . . . . . . . . . . . : Passed


DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '10.0.0.2' and other DCs also have some of the names registered.


Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{9F1D17D3-4850-4335-AF48-A604833E55B9}
    The browser is bound to 1 NetBt transport.


DC discovery test. . . . . . . . . : Passed


DC list test . . . . . . . . . . . : Passed


Trust relationship test. . . . . . : Skipped


Kerberos test. . . . . . . . . . . : Passed


LDAP test. . . . . . . . . . . . . : Passed


Bindings test. . . . . . . . . . . : Passed


WAN configuration test . . . . . . : Skipped
    No active remote access connections.


Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Passed
    IPSec policy service is active, but no policy is assigned.


The command completed successfully

U:\>

Commented:
haresh-nyc,

You are my hero.  Had a similar problem... One of our NICs failed on our DC, our hardware tech replaced the failed NIC - however he also enabled a fail-over NIC (which had been misconfigured with another IP address).  When he restarted the Server, which is a Windows 2000 DC, with the repaired NIC and the enabled fail-over NIC, the IP address for the fail-over NIC was entered in the DNS file as the IP address for the GC.  This caused a world of problems domain wide...  

Though your response doesn't exactly cover that scenario, it was your answer that put me on the right track to find the issue.

Thank you.  
Rich
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.