TCPIPNet
asked on
Windows Server 2003 R2 (SYSVOL) Replication Issues
Hello,
Can someone help me figure this out. I have two DC's (SRV01 and SRV02 ) in production. SRV01 is GC, DNS and seems to have been installed since 2007. SRV02 has Exchange 2003 installed.
SRV01 and SRV02 don't seem to SYSVOL replicate; however when it comes to creating users from anyone of them, the created user is immediately found on the other. Group Policies don't work has expected. I am tasked to upgrade windows 2003 R2 SP2 to Windows server 2008 R2 and migarting Exchange 2003 to Exchange 2010. Both server must be removed from the network.
SRV01 have a couple failed tests from DCDIAG test. Please see below;
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... SRV01 failed test frsevent
.
.
.
An Error Event occured. EventID: 0xC0002719
Time Generated: 02/11/2015 08:57:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 02/11/2015 08:57:50
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 02/11/2015 08:58:34
(Event String could not be retrieved)
......................... SRV01 failed test systemlog
.
.
.
Starting test: VerifyReferences
Some objects relating to the DC SRV01 have problems:
[1] Problem: Missing Expected Value
Base Object:
CN=SRV01,OU=Domain Controllers,DC=child ,DC=parent,DC=com
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN=SRV01,CN=Serve
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
......................... SRV01 failed test VerifyReferences
The Event ID: 13562 is also found on SRV01 since 2007 (I believe since windows server 2003 was introduce to the network)
SRV02 passed the DCDIAG test.
SRV02 was also installed in 2007.
On SRV02, I have the Event ID: 13516 since 2008 (oldest log) which states that : The File Replication Service is no longer preventing the computer MAIL from becoming a domain controller. The system volume has been successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL. Type "net share" to check for the SYSVOL share.
The "net share" do show me the SYSVOL share.
Due the replication issues, I have decided to correct the replication issue before anything else. Can anyone help?
I have attached the complete output of DCDIAG for both servers.
SRV01dcdiag.txt
SRV02dcdiag.txt
Can someone help me figure this out. I have two DC's (SRV01 and SRV02 ) in production. SRV01 is GC, DNS and seems to have been installed since 2007. SRV02 has Exchange 2003 installed.
SRV01 and SRV02 don't seem to SYSVOL replicate; however when it comes to creating users from anyone of them, the created user is immediately found on the other. Group Policies don't work has expected. I am tasked to upgrade windows 2003 R2 SP2 to Windows server 2008 R2 and migarting Exchange 2003 to Exchange 2010. Both server must be removed from the network.
SRV01 have a couple failed tests from DCDIAG test. Please see below;
Starting test: frsevent
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
......................... SRV01 failed test frsevent
.
.
.
An Error Event occured. EventID: 0xC0002719
Time Generated: 02/11/2015 08:57:08
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 02/11/2015 08:57:50
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 02/11/2015 08:58:34
(Event String could not be retrieved)
......................... SRV01 failed test systemlog
.
.
.
Starting test: VerifyReferences
Some objects relating to the DC SRV01 have problems:
[1] Problem: Missing Expected Value
Base Object:
CN=SRV01,OU=Domain Controllers,DC=child ,DC=parent,DC=com
Base Object Description: "DC Account Object"
Value Object Attribute Name: frsComputerReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
[1] Problem: Missing Expected Value
Base Object:
CN=NTDS Settings,CN=SRV01,CN=Serve
Base Object Description: "DSA Object"
Value Object Attribute Name: serverReferenceBL
Value Object Description: "SYSVOL FRS Member Object"
Recommended Action: See Knowledge Base Article: Q312862
......................... SRV01 failed test VerifyReferences
The Event ID: 13562 is also found on SRV01 since 2007 (I believe since windows server 2003 was introduce to the network)
SRV02 passed the DCDIAG test.
SRV02 was also installed in 2007.
On SRV02, I have the Event ID: 13516 since 2008 (oldest log) which states that : The File Replication Service is no longer preventing the computer MAIL from becoming a domain controller. The system volume has been successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL. Type "net share" to check for the SYSVOL share.
The "net share" do show me the SYSVOL share.
Due the replication issues, I have decided to correct the replication issue before anything else. Can anyone help?
I have attached the complete output of DCDIAG for both servers.
SRV01dcdiag.txt
SRV02dcdiag.txt
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The problem with introducing the DC first is that you have 2 DC's where sysvol is not replicating properly. With my approach you would remove one of the DC's (preferably the Exchange DC after exporting the mailboxes) Rebuild the sysvol on the single DC and then once replication is working properly introduce the new DC.
I am trying to give you the smoothest possible solution. You can really slice this anyway you want but in the end you know your environment best.
Will.
I am trying to give you the smoothest possible solution. You can really slice this anyway you want but in the end you know your environment best.
Will.
ASKER
I did convert both machines into VMs and transfer them to VMware worksatation. They seem to have the same behavior, but SRV02 in the virtual environnent shows other issues. For instance in my real environment I can force replication from AD site and Services|site|servers| NTDS Settings which does not work in the Lab.
Moreover I tried the link you gave http://support.microsoft.com/kb/315457 but it does not work in the LAB.
I do have the following except the (\SYSVOL\SYSVOL) which I have it like thsi : \SYSVOL\sysvol (Lower case). Could this be an issue?
\SYSVOL
\SYSVOL\domain
\SYSVOL\staging\domain
\SYSVOL\staging areas
\SYSVOL\domain\Policies
\SYSVOL\domain\scripts
\SYSVOL\SYSVOL
Verify that the following reparse points exist:
\SYSVOL\SYSVOL\ DNS Domain Name
This reparse point must be linked to the \SYSVOL\domain folder.
\SYSVOL\staging areas\DNS Domain Name
1,2,3 all work great. Then 4 does not work becasue it does not kown the command Linkd.
When I went back to my snapshot (undo the steps in the KB article) in the Lab , I can join VM's to the domain, outlook work perfectly and even OWA is accessible internally. when I create a new user, it replicate with no problem.
Also in the Lab:
- I brought up a new server 2008R2 and install all Exchange prerequisites.
-when I try installing exchange, I receive an error message when it is preparing the organization.
I decided to prepare the domain and schema manually.
setup /pl worked but setup /PrepareSchema does not complete successfully.
Downtime is not an option therefore what about if I start by (order changed):
1- Promote a new DC into the environment allow replication to complete (as you suggested)
2- Bring up a new server 2008R2, join it to the domain and install Exchange 2010
3-Export all mailboxes to pst's
4-Decommission Exchange 2003
In 1), I will not be touching the DC (with Exchange). Once replication is working, then I can start working on Exchange.
Thanks,