Solved

NTFRS Replication Problems

Posted on 2011-09-22
3
1,500 Views
Last Modified: 2012-05-12
Hi Experts,

Our AD Domain has 6 sites and 12 DC's. For a long time nobody took a really good care over AD replication. Right now every DC has a different sysvol content from each other. And there are many "something_ntfrs_someid" folder, like this:

{CCA243A2-99E7-4FA1-9969-604CB73AF23B}_NTFRS_381bc33a

Yesterday I set burflags D4 in one of these DC and set the other with D2. NTFRS service restarted on all of them. Sysvol content were moved to NTFRS_PreExisting folder as expected. Before doing this procedure, I created a backup of entire sysvol folder on every Domain Controller.

After starting NTFRS service, replication begins. But some files are not being replicated and there are many folders being renamed as the example I put above as there were replication errors. Sysvol content
You can see the folders OLD and POLICIES_NTFRS_000cc1ee under c:\windows\sysvol\sysvol\mydomain

I did manually deleted it all before setting D4 and D4 keys. How they came back again?

We are also have many folders under Scripts folder getting renamed because of replication collision as image below. How do I correct it?

How do I know from which DC a specific DC is getting its data to populate Sysvol content? Netlogon content
Can I just clear all sysvol content, then set D4 and D2 burflgs registry keys and then move back to sysvol folder only the files and folders needed?
0
Comment
Question by:garconer
3 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581741
You shouldn't need a D4, what you are seeing there is known as morphed folders, few solutions, more on morphed folders here

http://technet.microsoft.com/en-us/library/bb727056.aspx#ECAA

some places also refer to this as name collisions in sysvol.

Thanks

Mike
0
 

Author Comment

by:garconer
ID: 36581807
Hi Mike,

Tks for the reply. Actually I've already done the instructions in the link you've sent. Folders keep being renamed and many folders and files are not being replicated among dcs. Each dc has dfrs links in place and eventvwr shows event 13568 followed by 13569 which is expected but unfortunately things are not working well. Do you know a tool that shows me from which dc some replicated folder came from?
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 36584635
1) Normally for an Authoritative Restore you stop at NTFRS services on all DCs.
2) Set burflags to D4 on a known good sysvol (or at this time restore sysvol data from backup then set burflags to D4) then start NTFRS on this server.  You may want to rename the old folders with .old extensions prior to restoring good data.
3) Clean up the folders on all the remaining servers (Policies, Scripts, etc) - renamed them with .old extensions.
4) Set burflags to D2 on all remaining servers and start NTFRS.
5) Wait for FRS to replicate.
6) Clean up the .old stuff if things look good.
This is probably what you need to do to get it back.http://support.microsoft.com/kb/290762

Note:Take the backup of sysvol folder before you proceed.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question