Solved

Active Directory - JRNL_WRAP_ERROR on one domain controller

Posted on 2014-10-13
5
161 Views
Last Modified: 2014-10-13
Technical Information: Windows 2003 forest and all domains are operating at a 2003 functionally level.

Discovered that in one of my domains, I am receiving an error / event ID: 13568. Which says "The file replication service has detected the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE) is in JRNL_WRAP_ERROR."

The domain has two domain controllers (Lets just say DC1 & DC2). Back on 10.2.2013, is when this error in my event viewer first showed up on DC1. On the same day, DC2 is reporting that it can no longer replicate with DC1. DC2 has the PDC and RID manager role. DC1 is the infrastructure master.

My question is: If I set the BurFlags on DC1 to D2, will it restore correctly from DC2? On DC2, I cannot see the SYSVOL or NETLOGON share. I can only see this on DC1.
0
Comment
Question by:ACCESS2008
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 19

Accepted Solution

by:
Miguel Angel Perez Muñoz earned 500 total points
ID: 40377139
When JRNL_WRAP_ERROR on DC1 occurs, replication stops between both dc´s. On a common scenario simply doing a sysvol non-authoritative restoration (http://msdn.microsoft.com/en-us/library/windows/desktop/cc507518(v=vs.85).aspx) to recover normal situation.
But you must to see sysvol on DC2, since you have not got sysvol on dc2 something is failing on this dc and stops domain controller functions.
Have you try rebooting DC2?
0
 

Author Comment

by:ACCESS2008
ID: 40377493
Thank you for the comment Miguel.

 I have rebooted DC2 multiple times but this does not seem to resolve anything. Is there something I should look for on DC2 to help me identify what may be happening? I seem to be stuck in a loop where I cannot do a non-authoritative restore because the other domain controllers are not serving off the sysvol and netlogon shares.
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40377671
You should look through the SYSVOL folders on both DCs to determine which one has the most up-to-date copy and set BurFlags to D4 (authoritative) on that one. If the SYSVOL and NETLOGON shares appear, set BurFlags to D2 on the other DC. If the SYSVOL and NETLOGON shares don't appear on the authoritative DC, there's no point in doing anything to the other one until you get that sorted out, which will likely involve a trip through the event logs.
0
 

Author Comment

by:ACCESS2008
ID: 40378062
I was able to resolve this,
As suggested by Dave, I ended up setting the BurFlags to D4 on my 2nd domain controller (DC2) as that seemed to have the most up-to-date content. I than set the rest to D2 and restarted all the services. After a few minutes my SYSVOL and NETLOGON shares were present on each domain controller followed by event ID: 13516 which states that the file replication service is no longer preventing the computer <DC2> from becoming a domain controller.

 Thanks for all the help!
0
 
LVL 26

Expert Comment

by:DrDave242
ID: 40378799
It isn't that big a deal, but since you followed my suggestion, shouldn't I get some of the points?
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question