Netlogon missing - but sysvol present on SBS 2003 - tried burflag with D4
I have an SBS 2003 box with a missing netlogon share. I caused this somehow in the last 4 hours, but I'm not sure how exactly. I have a system state backup from before I made any changes (system state backup is about 36 hours old at this point), though I'm nervous about using it - as it says I need to start in directory restore mode. I can do it, but I'm hoping someone with more experience can either guide me to another solution or allay my fears about that system state restore.
I'm doing a swing migration from SBS 2003 to SBS 2008. There was a journal wrap error in my SBS 2003 file replication log so I took the steps to get rid of that. In addition, I had two additional domain controllers (Server 2003 R2). I did a dcpromo to remove them from being domain controllers (required by the swing migration method).
I noticed this after I removed the other two domain controllers.
Somewhere along that path, I lost the netlogon share. I lost sysvol, too. I know for a fact that I set the burflag to d2 at first on the SBS box (which was not correct because that's the non-authoritative reset). I rebooted and got sysvol back. Then after reading more, I set the burflag for ntfrs rebuild to d4 as per this article:
http://support.microsoft.com/kb/290762/
I'm at a loss. I've been googling and googling. I don't have any old domain controllers in HKLM\Software\CurrentContr
My users CAN log in - so it's not as bad as the typical situation where the SYSVOL and netlogon are missing. But from my understanding the lack of a netlogon folder is a problem with your domain controller.
When I start up the server, here is what I see in the File Replication Service event log:
Event ID 13501 - The File Replication Service is starting.
and then 30 to 45 seconds later
Event ID 13516 - The File Replication Service is no longer preventing the computer SERVER2 from becoming a domain controller. The system volume has been successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL.
Type "net share" to check for the SYSVOL share.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Below are screen shots of "net share" the shares area of computer management, the File Replication Service Event Log.
As usual, any help is appreciated.
Thanks
shares.jpg
eventlog.jpg
netshare.jpg
dcdiag.txt
I'm doing a swing migration from SBS 2003 to SBS 2008. There was a journal wrap error in my SBS 2003 file replication log so I took the steps to get rid of that. In addition, I had two additional domain controllers (Server 2003 R2). I did a dcpromo to remove them from being domain controllers (required by the swing migration method).
I noticed this after I removed the other two domain controllers.
Somewhere along that path, I lost the netlogon share. I lost sysvol, too. I know for a fact that I set the burflag to d2 at first on the SBS box (which was not correct because that's the non-authoritative reset). I rebooted and got sysvol back. Then after reading more, I set the burflag for ntfrs rebuild to d4 as per this article:
http://support.microsoft.com/kb/290762/
I'm at a loss. I've been googling and googling. I don't have any old domain controllers in HKLM\Software\CurrentContr
My users CAN log in - so it's not as bad as the typical situation where the SYSVOL and netlogon are missing. But from my understanding the lack of a netlogon folder is a problem with your domain controller.
When I start up the server, here is what I see in the File Replication Service event log:
Event ID 13501 - The File Replication Service is starting.
and then 30 to 45 seconds later
Event ID 13516 - The File Replication Service is no longer preventing the computer SERVER2 from becoming a domain controller. The system volume has been successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL.
Type "net share" to check for the SYSVOL share.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Below are screen shots of "net share" the shares area of computer management, the File Replication Service Event Log.
As usual, any help is appreciated.
Thanks
shares.jpg
eventlog.jpg
netshare.jpg
dcdiag.txt
Shreedhar Ette
After setting the burflag have you restarted the File replication, Netlogon and DNS services.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I actually rebooted after each time I changed the burflag. Each time you see event id 13566 in the event log (above), that's what happens after I have changed the burflag and then rebooted.
After rebooting the burflag value becomes 0.
After rebooting the burflag value becomes 0.
ASKER
I'll be pissed if that previous EE question is the answer. I searched for hours. Completely unrelated, I'm running an offline defrag right now - so I'll be able to test in the morning.
since you had other DC's up were they managing any of your FSMO roles? if so have they been reconfigured to be operating on the only remaining DC?
how to change FSMO roles
http://support.microsoft.com/kb/324801
how to change FSMO roles
http://support.microsoft.com/kb/324801
ASKER
@squallkill99 - I never moved any of the FSMO roles from my SBS box, so that would be the issue. Theoretically, it wouldn't hurt to try to seize those roles bc the SBS box should have them anyway - so I'll look at that as well. Still waiting for the offline defrag to finish to look at simply manually recreating the netlogon folder.
ASKER
I had a variety of issues related to a corrupt sysvol, but regarding the actual issue of missing netlogon share, I just needed to recreate the scripts folder.
In the end, I had to restore my sysvol from backup and run a burflags=d4.
In the end, I had to restore my sysvol from backup and run a burflags=d4.