Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SYSVOL Objects replecation across DC's

Posted on 2010-09-03
5
Medium Priority
?
551 Views
Last Modified: 2012-07-18
I have an AD domain with three Dcs. At some stage recently users began having difficulty accessing shares and their re-directed documents folders. I tracked the problem down to the lack of GPOs in the SYSVOL shares on all of the DCs. On one of the DCs I found a folder called "NtFrs_PreExisting___See_EventLog" and the GPOs were within this directory. I manually copied these folders and files using xcopy so as to retain permissions etc back into the SYSVOL/domain.local folder on each of the DC's and set the registry HKEY_LM\System\CurrentControlSet\Services\Netlogon\Parameters\SysvolReady from 0 to 1. After this I restarted NTFRS and Netlogon and things seemed to start working again. I notice now however that changes to GPS are not propergating across the different DS's and I am un certain how to overcome this issue. Other user entries that are not part of GPOs are replicating just fine , the issue I am having seems to be confined to information that is stored within the SYSVOL share including but not limited to the GPO's

ANy suggestions?
0
Comment
Question by:broadsoft
  • 2
  • 2
5 Comments
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 2000 total points
ID: 33596415
Run through the burflag method to get the replication to start again chose the one DC that is not having issues which is usally your DC that holds the PDC emulator role

Stopped NTFRS service on both DCs.
Make one of the DC authoritative server by modifying registry setting : Navigate to registry HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D4. This should be done with server which has the Updated information available or correct data.

Go to the other DCs and make them Non-authoritative by navigating to same registry location HKLM\System\CCS\Services\NTFRS\Parameters\CumlativeReplicaSets and Set the Burflags value to D2.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33596426
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 33596778
Also check the events in your FRS log and crosscheck with this page
http://technet.microsoft.com/en-us/library/bb727056.aspx
Thanks
Mike
0
 

Author Closing Comment

by:broadsoft
ID: 33596915
Many thanks for that quick response. After following your suggestions everything is now replecating on all DC's once again.
One final question on this - should I now delete the  "NtFrs_PreExisting___See_EventLog" entry in the SYSVOL directory now?
Once again, thank you for your assistance,.
0
 

Author Comment

by:broadsoft
ID: 33596937
One final question on this - should I now delete the  "NtFrs_PreExisting___See_EventLog" entry in the SYSVOL directory now?
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question