Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Sysvol\sysvol\domainname folder is empty on Domain Controllers

Posted on 2013-06-02
10
Medium Priority
?
5,225 Views
Last Modified: 2013-06-15
Hi,
We have a strange issue on both domain controllers that we have in our network. The "domainname" folder under SYSVOL\sysvol is empty. We can't find the policies and scripts folders.

-Both DCs are windows 2008 R2 Std - SP1
-Replication works fine between them
-no DNS issues. Both servers are pingeable by IP and by name
-rfs and dfs services are running

We noticed this after one user with local admin privileges faced rights issue when trying to run/install a program. We suspected this could be a restriction caused by a domain policy and we discovered that there were no policies at all on the entire domain.
Please advise.
Thanks -
0
Comment
Question by:Grayhat7
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 18

Assisted Solution

by:Sarang Tinguria
Sarang Tinguria earned 80 total points
ID: 39215236
do you have backup of sysvol if yes then restore it from there if not then run dcgpofix as a last option it will create your default domain policy and default domain controllers policy
0
 
LVL 13

Assisted Solution

by:rhinoceros
rhinoceros earned 480 total points
ID: 39215280
1. Have you checked both DC's sysvol folder are also empty?

\\DC1\sysvol and \\DC2\sysvol (replication fails in sysvol?)

2. You have changed something before?


More info:
http://community.spiceworks.com/topic/146562-sysvol-folder-on-domain-controller-is-empty
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 640 total points
ID: 39215816
Have you seen the sysvol for NtFrs_PreExisting folder and %systemroot%\SYSVOL\domain the policies and script may be present.If not presen then see proceed as below.

If the sysvol folder is empty(policies and script),restore the systemstate backup at alternate location and copy the content of sysvol from backup to sysvol folder and then perfrom authorative/non aothorative  restore of sysvol or if you have seperate sysvol folder backup the same can also be used.http://technet.microsoft.com/en-us/library/cc778271(v=ws.10).aspx
 
In case if the sysvol backup does not have polcies and script folder and you dont have seperate sysvol backup then you need to run dcgpofix but the old policies will be lost:http://www.windowsitpro.com/article/group-policy/how-can-i-restore-the-contents-of-the-default-domain-and-default-domain-controller-dc-group-policy-objects-gpos-
 
The Dcgpofix tool does not restore security settings in the Default Domain Controller Policy to their original state:
 http://support.microsoft.com/kb/833783

Hope this helps
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 9

Assisted Solution

by:VirastaR
VirastaR earned 400 total points
ID: 39216055
Hi,

Check this KB
How to rebuild the SYSVOL tree and its content in a domain
http://support.microsoft.com/kb/315457

Hope that helps :)
0
 

Accepted Solution

by:
Grayhat7 earned 0 total points
ID: 39216691
Thank you all,

@sarang_tinguria: no backup for the sys state
@rhinoceros: both folders are empty and nothing was changed before. the content was there and suddenly disappeared
@Sandeshdubey: i think we need to proceed as sarang_tinguira suggested

Also, i have found the following article: http://searchwindowsserver.techtarget.com/tip/How-to-rebuild-the-SYSVOL-tree-when-none-exists-in-Active-Directory

what do you suggest?
Best,
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 640 total points
ID: 39218537
If there is no backup then you need to run dcgpofix as suggested but the old policies will be lost and you need to recreate the GPO as per business requirement.http://windowsitpro.com/group-policy/how-can-i-restore-contents-default-domain-and-default-domain-controller-dc-group-policy

No need to rebuild the syvol structure as only polcies and script folder is missing you need to also manaully creare script folder if not present as dcgpofix will not create the same.

Then restart the FRS and netlogon service and ensure that event id 13516 is logged in FRS.

Hope this helps.
0
 
LVL 13

Assisted Solution

by:rhinoceros
rhinoceros earned 480 total points
ID: 39225078
Have you checked your Windows event log? Any errors for File Replication Services?
0
 

Assisted Solution

by:Grayhat7
Grayhat7 earned 0 total points
ID: 39233124
Thank you Sandeshdubey. No scripts were there, only default domain policy with no settings in it. i will run dcgpofix and let you know.
@rhinoceros: no FRS errors logged so far.

Best,
0
 
LVL 24

Assisted Solution

by:Sandeshdubey
Sandeshdubey earned 640 total points
ID: 39234148
Even the Script were not there you need to create Script folder.If not created the netlogon share will be not available.You can run dcgpofix as suggest follow the link which is already posted.

Hope this helps
0
 

Author Closing Comment

by:Grayhat7
ID: 39249735
Followed the solution presented in my post along with other solutions presented by the experts
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question