Getting a Better Understanding of Active Directory

Posted on 2011-03-15
Medium Priority
Last Modified: 2012-05-11
Can some one please explain the functional difference between the sysvol and netlogon shares.

For example in my 2008 domain all of my script and login script reside in my sysvol folder yet my netlogon folder is blank?

What is the difference between the ntfrsutl and repadmin tools?

I having a really hard time understaninf A.D junctions points. CAn anyone please explain to me in simple terms what this is who how I can view one
Question by:compdigit44
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
LVL 11

Expert Comment

ID: 35138083
I can answer one of those questions for you:

SYSVOL contains login scripts, group policy settings, and much more info about AD.

NETLOGON is just a copy of anything you have in the folder SYSVOL\domain.com\scripts
LVL 20

Author Comment

ID: 35138599
if netlolgon is a copy of the sysvol folder then why is it even needed????
LVL 11

Accepted Solution

TheGorby earned 1000 total points
ID: 35138933
Windows NT and older clients use the NETLOGON share for login scripts , Windows 2000 and newer clients use SYSVOL. This article has a bit more detail: http://www.windowsnetworking.com/kbase/WindowsTips/Windows2000/AdminTips/Domain/SysvolvsNetlogondomaincontrollershares.html
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

LVL 21

Assisted Solution

snusgubben earned 1000 total points
ID: 35140065
What is the difference between the ntfrsutl and repadmin tools

ntfrsutl is a command line tool used with FRS, while repadmin is used more with AD replication and other directory service tasks.

I having a really hard time understaninf A.D junctions points

They are used in i.e. the SYSVOL replica tree. A JP is a physical location on a hard disk that points to another location on a disk. Think of it as a link.

See SYSVOL folder domain controllers

if netlolgon is a copy of the sysvol folder then why is it even needed????

It sounds like you provide logon scripts through GPOs, then your NETLOGON (scripts folder) will be empty. If you provide logon scripts directly on the user object (Profile tab), the scripts is located in the NETLOGON folder/share.
LVL 20

Author Comment

ID: 35150919
Actually I misspoke before I just created our Sysvol and Netlogon shares and they both are mirror images of one another and contain the same information.

I'm not using GP's to assign logon scripts but they are assigned via the Profile -> logon script on the users accot tab..

I'm still having a hard time understanding J.P's? IN WIndows 2008 the only documents and settings folder is a shorcut to USERS , could this be considers a J.P?
LVL 21

Expert Comment

ID: 35152716
Did you created the SYSVOL and NETLOGON share manually??

Profile -> logon script on the users accot tab..

This points to the NETLOGON share (Scripts folder), so if this field says i.e. "logon.bat" this script should be located in the NETLOGON share.

In Win2008, C:\Documents and Settings is a JP that points to C:\Users

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question