Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Need Help Fixing Sysvol Replication

Posted on 2014-12-02
3
Medium Priority
?
305 Views
Last Modified: 2014-12-09
We are currently run 2 domain controllers, both 2008 R2 in our environment.  Call them DC1 and DC2.  Both servers are on the same lan as each other with no firewall in between.

DC1 is the pdc holding all fsmo roles.  DNS currently runs on this server too.
DC2 is a domain controller and not a gc server.

AD replication works just fine.  We are using DFS-R for sysvol replication.  This seems to be completely broken with both servers.  In troubleshooting this I seem to be getting no where fast.  I found that there are a handful (maybe more) of objects missing when using adsi edit tool.  Until I started looking at this recently, we did not have any system state backups scheduled.  Therefore, I cannot just roll back to a previous state and initiate restores to fix this.

I would like to demote the pdc and re-promote it to fix this issue so that all objects and attributes are created properly again.  My thinking is that I backup the sysvol folder on DC1, demote the server, re-promote it, restore the sysvol folder, then initiate an authoritative restore for DC1, and a non-authoritative restore for DC2.   It seems the last IT guy severely broke some things while trying to do another task.

Can someone advise on this?  Would the steps I mentioned be ok to perform?  What all would I need to do to fix this issue?  Your help is much appreciated.
0
Comment
Question by:spadmin1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 12

Assisted Solution

by:David Paris Vicente
David Paris Vicente earned 1000 total points
ID: 40477387
Hi spaadmin1,

As a suggestion before starting to depromote DC's you should try a few steps if you already didn´t try it.

First check the health of the SYSVOL replication using DFSR you can do this by install the Distributed File System management tools on a machine. You can do this through Server Manager.

From this tool, click the Create Diagnostic Report action and accept the default Health report option. Click Next to all pages to accept the defaults, and at the end, click Create. A report will be created showing you the health of DFRS environment, take note of the problems and try to solve them.
Other test is to run the propagation test, run the propagation report, which will show if data is actually being replicated. Both of the propagation options are located as part of the Create Diagnostic Report action.

Then check the event viewers from both DC's in Applications and Services Logs, DFS Replication, and look for errors or warnings.

Some of this guidelines that I used are mention here

I aslo advise you to take a look in this KB

Hope it helps
0
 
LVL 10

Accepted Solution

by:
Walter Padrón earned 1000 total points
ID: 40477537
Is DC2 broken? I guess that because you want to use DC1 as the source of an authoritative restore then don't touch DC1


ONLY if DC2 is the non-authoritative server for sysvol and broken. What i will do is shutdown DC2 and test that everything continuous to work, then try to demote DC2 and if not then forcibly demote the server and then promote it again.

Best regards
0
 

Author Comment

by:spadmin1
ID: 40490135
Thanks guys.  I ended up having to recreate a couple objects and attributes related to DFSR and Sysvol using ADSI edit tool.  After that I was able to do an authoritative restore which worked like a charm.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question