Solved

No SYSVOL directory and unable to do non-authoritative restore on server 2012 R2

Posted on 2014-03-16
4
1,396 Views
Last Modified: 2014-03-17
Hi,

I have an active directory domain that I have inherited and they want to upgrade to 2012 R2.

I have tried to introduce a Windows 2012 R2 domain controller and everything replicates except for the SYSVOL directory.

Everything else replicates fine.

Other weird things are that they are running server 2008 domain controllers and only had the functional level of the domain at Windows 2000 (now 2003) and DNS is not AD integrated.

I went to do a non-authoritative restore but there is no DFSR-LocalSettings in ADSIEdit to do this. The domain controller does have NTFRS Subscriptions however.

Any help on how to get SYSVOL replication working would be appreciated.
0
Comment
Question by:workingtechnology
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 39933512
Hi,


#1
Try to access the shares by using \\saporito.local and see if you are able to see the sysvol share. if not then follow the below url and enable the share.

Set the SysvolReady Flag registry value to "0" and then back to "1" in the registry.

 Click Start, click Run, type regedit, and then click OK.
 Locate the following subkey in Registry Editor:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]

 In the details pane, right-click SysvolReady Flag, and then click Modify.
 In the Value data box, type 0 and then click OK.
 Again in the details pane, right-click SysvolReady Flag, and then click
 Modify.  In the Value data box, type 1, and then click OK.

 Then run NET SHARE and see if the SYSVOL and NETLOGON share is present.

http://support.microsoft.com/kb/315457

##2
if sysvol share is present then try the authoritative restore of server by playing with registry.

http://support.microsoft.com/kb/315457

###3
Enable Loose Replication Consistency


 To enable Loose Replication Consistency, follow these steps on the domain controller 2003 that reports the errors messages. Locate and click the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters

2.Click Add Value on the Edit menu.
3.Add the following value:
Value Name: Strict Replication Consistency
 Data type: REG_DWORD
 Value data: If the value is 1, change it to 0.

###3

Check  your current schema version- http://rickardnobel.se/verify-schema-versions-on-all-domain-controllers/
0
 
LVL 1

Author Comment

by:workingtechnology
ID: 39935776
I could see the share from the server if I typed \\domain name but not if I did \\localhost or \\servername
The SysvolReady DWORD was already at 0.
If I put it to 1 it shared out the SYSVOL directory but not NETLOGON and it did not populate the directory. It only had SYSVOL\domain name and no other folders or files.
I have set it back to 0.
I am going to try an authoritative restore on PDC and non authoritative restore (using burflags as ADSIEDIT value does not exist) on the troublesome server one after the other and see if this resolves the issue.
0
 
LVL 1

Author Comment

by:workingtechnology
ID: 39936054
This is resolved now. Thanks for the suggestions.
Setting a D4 Auth Restore on the primary DC fixed the troublesome 2012 R2 domain controller but created new folders in SYSVOL and renamed the existing ones. Also stopped replication from a working domain controller.
To fix those issues I did a D2 non auth restore on the domain controller that had stopped replicating and this was fixed. I then renamed all folders in the SYSVOL directory to something else and waited for this to replicated. Then I renamed the folders that I wanted to their correct names and let this replicate.
The unwanted folders were then deleted.
DCDiag now reports no issues.
0
 
LVL 1

Author Closing Comment

by:workingtechnology
ID: 39936057
The Microsoft articles could be a bit clearer. Recommend doing D4 on PDC and D2 on all other domain controllers at the same time before starting the File replication service on PDC and then stagger the starts on the other domain controllers.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question