Solved

No SYSVOL directory and unable to do non-authoritative restore on server 2012 R2

Posted on 2014-03-16
4
1,289 Views
Last Modified: 2014-03-17
Hi,

I have an active directory domain that I have inherited and they want to upgrade to 2012 R2.

I have tried to introduce a Windows 2012 R2 domain controller and everything replicates except for the SYSVOL directory.

Everything else replicates fine.

Other weird things are that they are running server 2008 domain controllers and only had the functional level of the domain at Windows 2000 (now 2003) and DNS is not AD integrated.

I went to do a non-authoritative restore but there is no DFSR-LocalSettings in ADSIEdit to do this. The domain controller does have NTFRS Subscriptions however.

Any help on how to get SYSVOL replication working would be appreciated.
0
Comment
Question by:workingtechnology
  • 3
4 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 500 total points
ID: 39933512
Hi,


#1
Try to access the shares by using \\saporito.local and see if you are able to see the sysvol share. if not then follow the below url and enable the share.

Set the SysvolReady Flag registry value to "0" and then back to "1" in the registry.

 Click Start, click Run, type regedit, and then click OK.
 Locate the following subkey in Registry Editor:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]

 In the details pane, right-click SysvolReady Flag, and then click Modify.
 In the Value data box, type 0 and then click OK.
 Again in the details pane, right-click SysvolReady Flag, and then click
 Modify.  In the Value data box, type 1, and then click OK.

 Then run NET SHARE and see if the SYSVOL and NETLOGON share is present.

http://support.microsoft.com/kb/315457

##2
if sysvol share is present then try the authoritative restore of server by playing with registry.

http://support.microsoft.com/kb/315457

###3
Enable Loose Replication Consistency


 To enable Loose Replication Consistency, follow these steps on the domain controller 2003 that reports the errors messages. Locate and click the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters

2.Click Add Value on the Edit menu.
3.Add the following value:
Value Name: Strict Replication Consistency
 Data type: REG_DWORD
 Value data: If the value is 1, change it to 0.

###3

Check  your current schema version- http://rickardnobel.se/verify-schema-versions-on-all-domain-controllers/
0
 
LVL 1

Author Comment

by:workingtechnology
ID: 39935776
I could see the share from the server if I typed \\domain name but not if I did \\localhost or \\servername
The SysvolReady DWORD was already at 0.
If I put it to 1 it shared out the SYSVOL directory but not NETLOGON and it did not populate the directory. It only had SYSVOL\domain name and no other folders or files.
I have set it back to 0.
I am going to try an authoritative restore on PDC and non authoritative restore (using burflags as ADSIEDIT value does not exist) on the troublesome server one after the other and see if this resolves the issue.
0
 
LVL 1

Author Comment

by:workingtechnology
ID: 39936054
This is resolved now. Thanks for the suggestions.
Setting a D4 Auth Restore on the primary DC fixed the troublesome 2012 R2 domain controller but created new folders in SYSVOL and renamed the existing ones. Also stopped replication from a working domain controller.
To fix those issues I did a D2 non auth restore on the domain controller that had stopped replicating and this was fixed. I then renamed all folders in the SYSVOL directory to something else and waited for this to replicated. Then I renamed the folders that I wanted to their correct names and let this replicate.
The unwanted folders were then deleted.
DCDiag now reports no issues.
0
 
LVL 1

Author Closing Comment

by:workingtechnology
ID: 39936057
The Microsoft articles could be a bit clearer. Recommend doing D4 on PDC and D2 on all other domain controllers at the same time before starting the File replication service on PDC and then stagger the starts on the other domain controllers.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
OfficeMate Freezes on login or does not load after login credentials are input.
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now