Sysvol and net logon net being shared and replication not starting on new DC

Posted on 2008-11-08
Last Modified: 2012-05-05
Here's the situation, The sysvol and netlogon shares are not being created, and no files ever get replicated to the sysvol from the other DC's.  We've followed KB's that have us set the D4(the good DC) and D2 on the bad one and still no dice.  FRSDiag doesn't report errors and ping by FQDN work just fine as well as reverse lookup.

We get the 13508 event and then it just does nothing.

Any idea's from here?
Question by:johnstrait
    LVL 4

    Expert Comment

    Try to Force the replication from the problem DC, have you try this.....!

    Author Comment

    Also ran on ntfrsutl on all dcs and it does return the information.

    NtFrsApi Version Information
       NtFrsApi Major      : 0
       NtFrsApi Minor      : 0
       NtFrsApi Compiled on: Feb 16 2007 20:10:33
    NtFrs Version Information
       NtFrs Major        : 0
       NtFrs Minor        : 0
       NtFrs Compiled on  : Feb 16 2007 20:10:45
       Latest changes:
       Install Override fix
    OS Version 5.2 (3790) -
    SP (2.0) SM: 0x0112  PT: 0x02
    Processor:  AMD64 Level: 0x0006  Revision: 0x0f06  Processor num/mask: 4/0000000

    Author Comment

    ya tried that, spent all day yesterday with PSS and still no luck, read almost every artical on here and tried about half of them, EVERYTHING looka like it should be working but it just isn't.

    13508 everytime we restart ntfrs but never 13509.

    LVL 26

    Expert Comment

    check the registry entries


    there are two parameters that close the administrative shares...
            AutoShareServer   REG_DWORD       (0)
            AutoShareWks      REG_DWORD       (0)

    if the parameters and exists and their values are 0 that set tem to one and restart your machine... that may solve your problem..
    LVL 27

    Expert Comment

    by:Jason Watkins
    Is the server's firewall on, or is there any firewall between D4, D2?  If so, open the port exceptions for Core Networking.


    Accepted Solution

    Well after 21 hours on the phone with microsoft it looks like we have found our issue.

    While not public yet, there is a internally known issue with NTFRS and Cisco's IPS / VPN.  While MS would not say anything directly, once they had me removed all packet inspection from ALL of our Cisco devices, install a patch they will be released in SP3, it started working.

    Not sure why, the MS network support guy didn't see a single lost packet and we could see the ACK's to the FRS requests.

    Now it's on to Cisco to get their side of the story, and get IPS back inspecting.

    Thanks for everyone's comments.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip is around source server preparation. No migration is an easy migration, there is a…
    Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now