Solved

New 2012 DC in 2008 forest/domain.  Netlogon/Sysvol DFS referrals show only 2012 DC.

Posted on 2015-01-20
2
605 Views
Last Modified: 2015-01-21
I'm in the midst of testing a 2008 to 2012 domain upgrade.  I have segmented an existing 2008 DC into a sandbox network, as well as a new 2012 R2 member server.  I have added run the necessary ADpreps, and promoted the new 2012 DC into place and all seemingly is working perfectly.

One thing caught my eye though.  On the 2008 DC, if I navigate to \\mydomain\netlogon, and check the DFS tab in Windows Explorer, I show the referral list has all DCs in it, including the new 2012 DC.  But on the 2012 DC, if I do the same check, this referral list only shows the 2012 DC.  None of my 2008 DCs are listed at all.

I have verified by running DFSUtil Cache Referral command and it shows the same results.  This occurs for both the Netlogon and Sysvol shares.

Is this normal for a 2012 DC sitting in a 2008 domain or do I have something I need to address before moving forward with an actual domain upgrade?
0
Comment
Question by:mcdonamwION
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 40561895
What you are seeing is by design. In 2008R2 it creates a randomized list of referrals based on the active directory site. In 2012 it only references itself so that it does not refer to another DC. This is done due to performance enhancements.

I have also tested your theory in my lab and I got the same results as you did. I have also checked the Microsoft forums and there is also a question similar to yours and it is same result as well.

DFS referral 2012

Rest assured this is the correct outcome with 2012 DC's with DFS referral's.

Will.
0
 

Author Comment

by:mcdonamwION
ID: 40561999
Thanks Will.  Is there any official MS documentation to cite this functionality?  I can't find anything.  

Note:  I never thought to try it, but I checked my referral list on my Windows 8.1 workstation (against my existing 2008 domain), and I show Sysvol and Netlogon only list a single entry for one DC as well.  I guess Netlogon/Sysvol are special and do not show multiple referrals like other actual DFS namespaces (which are actually showing multiple referrals).

At any rate, thanks for answering my question!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question