[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now


sysvol and netlogon shares and data missing on PDC Windows 2012

Posted on 2014-01-28
Medium Priority
Last Modified: 2014-10-24
I am trying to retire my first Domain controller machine and created a new DC to hold all FSMO roles in a windows 2012 server environment. I created my new DC, successfully transferred all FSMO and started using it as my DNS as well.  My exchange server is also acting as a Global catalog server but no FSMO roles. I turned off the old DC and things are running. However, when I went in to modify GPO, it failed.  Seems the SYSVOL and Netlogon folders did not replicate to the new DC.  All three servers show up in NTDS settings (I turned the original DC back on) but I can't get it to replicate.  I've told it to replicate from selected DC.  
What did I miss and what should my next troubleshooting steps be please?
Question by:David Bird
  • 3
LVL 13

Expert Comment

ID: 39817238
Do D2 non-authoritative restore of sysvol replication


If you are not having any old 2003 servers and its not upgraded from that means you can check the below link (Sysvol using DFS-r)


Sysvol using FRS


Author Comment

by:David Bird
ID: 39836163
sorry for long delay.  I have attempted non-authoritative D2 Restore a couple of times but no joy.  The shares for sysvol netlogon don't exist and are not created after D2 restore is done.  Folders/files don't exist.  I'm getting an error if DFS R log of 5014 and event data error 9033 The Request was cancelled by a shutdown.
Threads say to cancel replication partner and re-add.  When googling how to, all I find is how to cancel SQL replication, nothing on domains.  
Still researching.  Thanks for any continued thoughts and suggestions.

Accepted Solution

David Bird earned 0 total points
ID: 39836726
Ok, Got it figured out.
DFS replication will only work if the two folders, policies and sysvol for a domain exist.  Since neither the policies or sysvol were created, for whatever reason, the tech threads to do a non-authoritative restore or ANY replication mechanism fails.  There are no errors generated but you never get a 4602 log or 4604 log entry.  
Ergo, if you don't have sysvol and policies folders AND/OR their corresponding shares:
- stop dfsr service on all domains
- run start sysvol
- Create the policies folder and sysvol folder manually under the appropriate domain
- restart dfsr service on all domains
- follow http://support.microsoft.com/kb/2218556 steps
Hopefully, within 10-15 minutes, you'll get the 4604 and data will have replicated to your new DC.

Thanks for all the suggestions.

Author Closing Comment

by:David Bird
ID: 39846823
Figured it out

Expert Comment

ID: 40403146
Hi Guys, i know this has been correctly answered, but one thing i've noticed on all articles with this problem is that it doesn't state where I run the commands from. In my situation I'm having the identical issue as above, existing 2012 DC, new 2012 DC added, no sysvol folder etc.I've looked at the D2 restore documentation, but where do i run the fix?

Do i run it on the domain controller which is missing the sysvol folders etc? (note my dc which looks broken holds all my FSMO roles at this time)

Or is it a mixture of editing both existing DC and New DC, all documents are unclear, unless it's my frustration getting the better of me. A clear answer would be appreciated.

Many Thanks

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question