Solved

New 2012 DC in 2008 forest/domain.  Netlogon/Sysvol DFS referrals show only 2012 DC.

Posted on 2015-01-20
2
575 Views
Last Modified: 2015-01-21
I'm in the midst of testing a 2008 to 2012 domain upgrade.  I have segmented an existing 2008 DC into a sandbox network, as well as a new 2012 R2 member server.  I have added run the necessary ADpreps, and promoted the new 2012 DC into place and all seemingly is working perfectly.

One thing caught my eye though.  On the 2008 DC, if I navigate to \\mydomain\netlogon, and check the DFS tab in Windows Explorer, I show the referral list has all DCs in it, including the new 2012 DC.  But on the 2012 DC, if I do the same check, this referral list only shows the 2012 DC.  None of my 2008 DCs are listed at all.

I have verified by running DFSUtil Cache Referral command and it shows the same results.  This occurs for both the Netlogon and Sysvol shares.

Is this normal for a 2012 DC sitting in a 2008 domain or do I have something I need to address before moving forward with an actual domain upgrade?
0
Comment
Question by:mcdonamwION
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40561895
What you are seeing is by design. In 2008R2 it creates a randomized list of referrals based on the active directory site. In 2012 it only references itself so that it does not refer to another DC. This is done due to performance enhancements.

I have also tested your theory in my lab and I got the same results as you did. I have also checked the Microsoft forums and there is also a question similar to yours and it is same result as well.

DFS referral 2012

Rest assured this is the correct outcome with 2012 DC's with DFS referral's.

Will.
0
 

Author Comment

by:mcdonamwION
ID: 40561999
Thanks Will.  Is there any official MS documentation to cite this functionality?  I can't find anything.  

Note:  I never thought to try it, but I checked my referral list on my Windows 8.1 workstation (against my existing 2008 domain), and I show Sysvol and Netlogon only list a single entry for one DC as well.  I guess Netlogon/Sysvol are special and do not show multiple referrals like other actual DFS namespaces (which are actually showing multiple referrals).

At any rate, thanks for answering my question!
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question