With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.
I am trying to retire my first Domain controller machine and created a new DC to hold all FSMO roles in a windows 2012 server environment. I created my new DC, successfully transferred all FSMO and started using it as my DNS as well. My exchange server is also acting as a Global catalog server but no FSMO roles. I turned off the old DC and things are running. However, when I went in to modify GPO, it failed. Seems the SYSVOL and Netlogon folders did not replicate to the new DC. All three servers show up in NTDS settings (I turned the original DC back on) but I can't get it to replicate. I've told it to replicate from selected DC.
What did I miss and what should my next troubleshooting steps be please?
Ok, Got it figured out.
DFS replication will only work if the two folders, policies and sysvol for a domain exist. Since neither the policies or sysvol were created, for whatever reason, the tech threads to do a non-authoritative restore or ANY replication mechanism fails. There are no errors generated but you never get a 4602 log or 4604 log entry.
Ergo, if you don't have sysvol and policies folders AND/OR their corresponding shares:
- stop dfsr service on all domains
- run start sysvol
- Create the policies folder and sysvol folder manually under the appropriate domain
- restart dfsr service on all domains
- follow http://support.microsoft.com/kb/2218556 steps
Hopefully, within 10-15 minutes, you'll get the 4604 and data will have replicated to your new DC.
Thanks for all the suggestions.
Hi Guys, i know this has been correctly answered, but one thing i've noticed on all articles with this problem is that it doesn't state where I run the commands from. In my situation I'm having the identical issue as above, existing 2012 DC, new 2012 DC added, no sysvol folder etc.I've looked at the D2 restore documentation, but where do i run the fix?
Do i run it on the domain controller which is missing the sysvol folders etc? (note my dc which looks broken holds all my FSMO roles at this time)
Or is it a mixture of editing both existing DC and New DC, all documents are unclear, unless it's my frustration getting the better of me. A clear answer would be appreciated.
|Is AD Certificate Services necessary to migrate||7||48|
|cannot create more new mailboxes EX2013||2||35|
|Powershell: Check if WinRM is listening||3||25|
|Clearwell e-discovery compatible with Enterprise Vault 11.0.1+||2||21|
Join the community of 500,000 technology professionals and ask your questions.
Connect with top rated Experts
21 Experts available now in Live!