Server 2012 R2 missing sysvol and netlogon since promoted to PDC?

Hi All,

I've encountered a problem that many users seem to have experienced previously on experts exchange, but I'm after a bit of clarification.

This was the question and answer I found, but the resolution is a bit brief and I'm after a little clarification.
I am trying to retire my first Domain controller machine and created a new DC to hold all FSMO roles in a windows 2012 server environment. I created my new DC, successfully transferred all FSMO and started using it as my DNS as well.  My exchange server is also acting as a Global catalog server but no FSMO roles. I turned off the old DC and things are running. However, when I went in to modify GPO, it failed.  Seems the SYSVOL and Netlogon folders did not replicate to the new DC.  All three servers show up in NTDS settings (I turned the original DC back on) but I can't get it to replicate.  I've told it to replicate from selected DC.  
 What did I miss and what should my next troubleshooting steps be please?

RESOLUTION suggested:
Ok, Got it figured out.
 DFS replication will only work if the two folders, policies and sysvol for a domain exist.  Since neither the policies or sysvol were created, for whatever reason, the tech threads to do a non-authoritative restore or ANY replication mechanism fails.  There are no errors generated but you never get a 4602 log or 4604 log entry.  
 Ergo, if you don't have sysvol and policies folders AND/OR their corresponding shares:
 - stop dfsr service on all domains
 - run start sysvol
 - Create the policies folder and sysvol folder manually under the appropriate domain
 - restart dfsr service on all domains
 - follow steps
 Hopefully, within 10-15 minutes, you'll get the 4604 and data will have replicated to your new DC.

 Thanks for all the suggestions.

My Query:
Hi Guys, i know this has been correctly answered, but one thing i've noticed on all articles with this problem is that it doesn't state where I run the commands from. In my situation I'm having the identical issue as above, existing 2012 DC, new 2012 DC added, no sysvol folder etc.I've looked at the D2 restore documentation, but where do i run the fix?

 Do i run it on the domain controller which is missing the sysvol folders etc? (note my dc which looks broken holds all my FSMO roles at this time)

 Or is it a mixture of editing both existing DC and New DC, all documents are unclear, unless it's my frustration getting the better of me. A clear answer would be appreciated.

 Many Thanks

Some pointers on this matter would be great.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

How about your old DC?
Is the old DC is wiped out or you can bring it online?
How many days it is offline? more than 180 days?
If recently you made him offline without decommissioning, you can bring old DC online, simply make it online and demote \ promote new 2012  DC again
Because in order to restore sysvol with twicks, it needs to be in good condition at least on one domain controller from where you can replicate authoritatively
OR you need to restore it authoritatively from last healthy backup

Now moving to your question:
In order to get sysvol authoritative restore followed by non-authoritative restore sequence should be:
Disable sysvol dfsr (msDFSR-Enabled=FALSE) on all domain controllers including PDC
Then stop dfsr replication service on all domain controllers including PDC
Then set "msDFSR-options=1" and set "msDFSR-Enabled=TRUE" on PDC server only
Start dfsr service on PDC server only, this will initiate PDC server authoritative restore
Once operation completed successfully, you should be able to get sysvol and netlogon shares on PDC by running "Net Share" command
Now go to all domain controllers one by one and run "msDFSR-Enabled=TRUE" followed by start dfsr service
This should initiate non authoritative restore of sysvol on other domain controllers

If you just wanted to initiate non-authoritative restore of sysvol-dfsr on single or multiple DCs, follow below steps
Go to DC where you wanted to initiate non-authoritative restore and set "msDFSR-Enabled=FALSE" followed by stop dfsr service
Now again set "msDFSR-Enabled=TRUE" and start dfsr service
This will initiate non-authoritative restore for that particular DC

The above options can be set through adsiedit.msc or PowerShell
Check below blog post for location and PowerShell commands


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.