Solved

NTFRS Replication Problems

Posted on 2011-09-22
3
1,503 Views
Last Modified: 2012-05-12
Hi Experts,

Our AD Domain has 6 sites and 12 DC's. For a long time nobody took a really good care over AD replication. Right now every DC has a different sysvol content from each other. And there are many "something_ntfrs_someid" folder, like this:

{CCA243A2-99E7-4FA1-9969-604CB73AF23B}_NTFRS_381bc33a

Yesterday I set burflags D4 in one of these DC and set the other with D2. NTFRS service restarted on all of them. Sysvol content were moved to NTFRS_PreExisting folder as expected. Before doing this procedure, I created a backup of entire sysvol folder on every Domain Controller.

After starting NTFRS service, replication begins. But some files are not being replicated and there are many folders being renamed as the example I put above as there were replication errors. Sysvol content
You can see the folders OLD and POLICIES_NTFRS_000cc1ee under c:\windows\sysvol\sysvol\mydomain

I did manually deleted it all before setting D4 and D4 keys. How they came back again?

We are also have many folders under Scripts folder getting renamed because of replication collision as image below. How do I correct it?

How do I know from which DC a specific DC is getting its data to populate Sysvol content? Netlogon content
Can I just clear all sysvol content, then set D4 and D2 burflgs registry keys and then move back to sysvol folder only the files and folders needed?
0
Comment
Question by:garconer
3 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 36581741
You shouldn't need a D4, what you are seeing there is known as morphed folders, few solutions, more on morphed folders here

http://technet.microsoft.com/en-us/library/bb727056.aspx#ECAA

some places also refer to this as name collisions in sysvol.

Thanks

Mike
0
 

Author Comment

by:garconer
ID: 36581807
Hi Mike,

Tks for the reply. Actually I've already done the instructions in the link you've sent. Folders keep being renamed and many folders and files are not being replicated among dcs. Each dc has dfrs links in place and eventvwr shows event 13568 followed by 13569 which is expected but unfortunately things are not working well. Do you know a tool that shows me from which dc some replicated folder came from?
0
 
LVL 24

Accepted Solution

by:
Sandeshdubey earned 500 total points
ID: 36584635
1) Normally for an Authoritative Restore you stop at NTFRS services on all DCs.
2) Set burflags to D4 on a known good sysvol (or at this time restore sysvol data from backup then set burflags to D4) then start NTFRS on this server.  You may want to rename the old folders with .old extensions prior to restoring good data.
3) Clean up the folders on all the remaining servers (Policies, Scripts, etc) - renamed them with .old extensions.
4) Set burflags to D2 on all remaining servers and start NTFRS.
5) Wait for FRS to replicate.
6) Clean up the .old stuff if things look good.
This is probably what you need to do to get it back.http://support.microsoft.com/kb/290762

Note:Take the backup of sysvol folder before you proceed.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question