?
Solved

No SYSVOL directory and unable to do non-authoritative restore on server 2012 R2

Posted on 2014-03-16
4
Medium Priority
?
1,442 Views
Last Modified: 2014-03-17
Hi,

I have an active directory domain that I have inherited and they want to upgrade to 2012 R2.

I have tried to introduce a Windows 2012 R2 domain controller and everything replicates except for the SYSVOL directory.

Everything else replicates fine.

Other weird things are that they are running server 2008 domain controllers and only had the functional level of the domain at Windows 2000 (now 2003) and DNS is not AD integrated.

I went to do a non-authoritative restore but there is no DFSR-LocalSettings in ADSIEdit to do this. The domain controller does have NTFRS Subscriptions however.

Any help on how to get SYSVOL replication working would be appreciated.
0
Comment
Question by:workingtechnology
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 2000 total points
ID: 39933512
Hi,


#1
Try to access the shares by using \\saporito.local and see if you are able to see the sysvol share. if not then follow the below url and enable the share.

Set the SysvolReady Flag registry value to "0" and then back to "1" in the registry.

 Click Start, click Run, type regedit, and then click OK.
 Locate the following subkey in Registry Editor:

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]

 In the details pane, right-click SysvolReady Flag, and then click Modify.
 In the Value data box, type 0 and then click OK.
 Again in the details pane, right-click SysvolReady Flag, and then click
 Modify.  In the Value data box, type 1, and then click OK.

 Then run NET SHARE and see if the SYSVOL and NETLOGON share is present.

http://support.microsoft.com/kb/315457

##2
if sysvol share is present then try the authoritative restore of server by playing with registry.

http://support.microsoft.com/kb/315457

###3
Enable Loose Replication Consistency


 To enable Loose Replication Consistency, follow these steps on the domain controller 2003 that reports the errors messages. Locate and click the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters

2.Click Add Value on the Edit menu.
3.Add the following value:
Value Name: Strict Replication Consistency
 Data type: REG_DWORD
 Value data: If the value is 1, change it to 0.

###3

Check  your current schema version- http://rickardnobel.se/verify-schema-versions-on-all-domain-controllers/
0
 
LVL 1

Author Comment

by:workingtechnology
ID: 39935776
I could see the share from the server if I typed \\domain name but not if I did \\localhost or \\servername
The SysvolReady DWORD was already at 0.
If I put it to 1 it shared out the SYSVOL directory but not NETLOGON and it did not populate the directory. It only had SYSVOL\domain name and no other folders or files.
I have set it back to 0.
I am going to try an authoritative restore on PDC and non authoritative restore (using burflags as ADSIEDIT value does not exist) on the troublesome server one after the other and see if this resolves the issue.
0
 
LVL 1

Author Comment

by:workingtechnology
ID: 39936054
This is resolved now. Thanks for the suggestions.
Setting a D4 Auth Restore on the primary DC fixed the troublesome 2012 R2 domain controller but created new folders in SYSVOL and renamed the existing ones. Also stopped replication from a working domain controller.
To fix those issues I did a D2 non auth restore on the domain controller that had stopped replicating and this was fixed. I then renamed all folders in the SYSVOL directory to something else and waited for this to replicated. Then I renamed the folders that I wanted to their correct names and let this replicate.
The unwanted folders were then deleted.
DCDiag now reports no issues.
0
 
LVL 1

Author Closing Comment

by:workingtechnology
ID: 39936057
The Microsoft articles could be a bit clearer. Recommend doing D4 on PDC and D2 on all other domain controllers at the same time before starting the File replication service on PDC and then stagger the starts on the other domain controllers.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question