Active Directory - JRNL_WRAP_ERROR on one domain controller

Posted on 2014-10-13
Last Modified: 2014-10-13
Technical Information: Windows 2003 forest and all domains are operating at a 2003 functionally level.

Discovered that in one of my domains, I am receiving an error / event ID: 13568. Which says "The file replication service has detected the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE) is in JRNL_WRAP_ERROR."

The domain has two domain controllers (Lets just say DC1 & DC2). Back on 10.2.2013, is when this error in my event viewer first showed up on DC1. On the same day, DC2 is reporting that it can no longer replicate with DC1. DC2 has the PDC and RID manager role. DC1 is the infrastructure master.

My question is: If I set the BurFlags on DC1 to D2, will it restore correctly from DC2? On DC2, I cannot see the SYSVOL or NETLOGON share. I can only see this on DC1.
Question by:ACCESS2008
  • 2
  • 2
LVL 19

Accepted Solution

Miguel Angel Perez Muñoz earned 500 total points
ID: 40377139
When JRNL_WRAP_ERROR on DC1 occurs, replication stops between both dc´s. On a common scenario simply doing a sysvol non-authoritative restoration ( to recover normal situation.
But you must to see sysvol on DC2, since you have not got sysvol on dc2 something is failing on this dc and stops domain controller functions.
Have you try rebooting DC2?

Author Comment

ID: 40377493
Thank you for the comment Miguel.

 I have rebooted DC2 multiple times but this does not seem to resolve anything. Is there something I should look for on DC2 to help me identify what may be happening? I seem to be stuck in a loop where I cannot do a non-authoritative restore because the other domain controllers are not serving off the sysvol and netlogon shares.
LVL 26

Expert Comment

ID: 40377671
You should look through the SYSVOL folders on both DCs to determine which one has the most up-to-date copy and set BurFlags to D4 (authoritative) on that one. If the SYSVOL and NETLOGON shares appear, set BurFlags to D2 on the other DC. If the SYSVOL and NETLOGON shares don't appear on the authoritative DC, there's no point in doing anything to the other one until you get that sorted out, which will likely involve a trip through the event logs.

Author Comment

ID: 40378062
I was able to resolve this,
As suggested by Dave, I ended up setting the BurFlags to D4 on my 2nd domain controller (DC2) as that seemed to have the most up-to-date content. I than set the rest to D2 and restarted all the services. After a few minutes my SYSVOL and NETLOGON shares were present on each domain controller followed by event ID: 13516 which states that the file replication service is no longer preventing the computer <DC2> from becoming a domain controller.

 Thanks for all the help!
LVL 26

Expert Comment

ID: 40378799
It isn't that big a deal, but since you followed my suggestion, shouldn't I get some of the points?

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Disabling the Directory Sync Service Account in Office 365 will stop directory synchronization from working.
Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question