FRS replication accross sites

Posted on 2013-06-20
Medium Priority
Last Modified: 2013-06-20

We have our PDC running Windows Server 2008 R2 which is also our AD server. We have 3 other DC servers one running Windows Server 2008 R2 on the same subnet, 2 running Winders server 2003 SP1 on different subnets.

When updating group policy I get the following error -
Event 13508 NTFRS

The File Replication Service is having trouble enbaling replication from Server4(Windows 2003) to Server1(PDC) for c:\windows\sysvol\domain using the DNS name server4.company.com.au. FRS will keep trying.

It replicates to the other 2 DC fine.

Thanks for your help
Question by:Balco
LVL 10

Expert Comment

ID: 39261718
13508 event ID occurs when DNS mis-configuration is there and Firewall is blocking any AD related ports (ex: 135,139,53). Check below links and correct DNS settings and disable Firewall for time being to check File Replication Status.

DNS Best Practices


Note: Provide repadmin /replsum log to know if any AD replication issues there or not.
LVL 18

Accepted Solution

Sarang Tinguria earned 2000 total points
ID: 39261920
I would also have crosschecked replication and DNS prior going further as Zenvenky suggested
Did u see any FRS error events  on "server4.company.com.au" if yes then post event details

if you see any 13568 error on server4.company.com.au then follow below proc

first check that you have proper Connection objects has been created in Sites and Services

Browse \\WorkingDC.domain.local copy sysvol & netlogon and keep backup on ProblemDC &  WorkingDC (If can not browse check network connectivity/Port and don't proceed further)

Go to WorkingDC  stop NTFRS service open regedit and go to "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup" change the burflag value to D4 Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now Go to ProblemDC  stop NTFRS service open regedit go to "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at <samp>Startup" change the burflag value to D2 -> Start NTFRS(File Replication service) service and wait for File Replication event ID 13516 now

Check Now your sysvol and netlogon shares are available

Above is called Authoritive(D4) and non-Authoritive Restore (D2)

Refer http://support.microsoft.com/kb/257338 for more info

What happens in a Journal Wrap?
LVL 24

Expert Comment

ID: 39261952
There are multiple reasons for event id 13508 to occur it could be due network latency issue.Ad sites and services are not set corectly,replication issue,dns misconfig,required port not open for AD replication,secure channel broken,etc.See this for more info

Troubleshooting File Replication Service
FRS problem - event ID 13508 (without 13509)
Best practices for DNS client settings on DC and domain members.
WEBINAR: GDPR Implemented - Tips & Lessons Learned

Join the WatchGuard team on Thursday, March 29th as we recount some valuable lessons learned in weighing the needs of a business against the new regulatory environment, look ahead at the two months left before implementation, and help you understand the steps you can take today!


Author Comment

ID: 39264788
Thanks for the responses.

There was Network connectivity so this was all good.

On the Problem DC I did find the Journalk Wrap error so procedd with the Authoritive(D4) and non-Authoritive Restore (D2) and it all looks good now.

Do I need to change the registry keys back to 0 formn D4 and D2?
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 39264985
No, Once you have restarted File replication service it will auto revert to 0

Author Closing Comment

ID: 39265008
The solution was very thorough and easy to understand and follow.

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
Native ability to set a user account password via AD GPO was removed because the passwords can be easily decrypted by any authenticated user in the domain. Microsoft recommends LAPS as a replacement and I have written an article that does something …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question