[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

DFS shares dissapearing

Posted on 2015-02-20
10
Medium Priority
?
45 Views
Last Modified: 2015-03-03
We recently lost the PDC and it had to be rebuilt. In the process, some of the DFS shares that were hosted there were recreated in the secondary DC and some were used from remote locations while PDC was rebuilt. Now, when users click on their shares they randomly are inaccessible or just "jump" back to the root.

Environment is 5 sites with 6 DCs all running Server 2008 R2. All have DFS and there are some shares that are on all the servers, some are only in select ones. Only users in the site where the PDC was located are having this issue, all other sites seem to be working correctly.

I have verified DNS, error logs and ran the sonar tool but haven't seen anything that can explain this. replication seems to be working fine too.
0
Comment
Question by:avadmin
  • 6
  • 4
10 Comments
 
LVL 81

Expert Comment

by:arnold
ID: 40621612
It sounds as though the DFS that are not functional only had one target system which is no longer accessible.
Was there DFS-Replication that had data flowing among the servers?
0
 

Author Comment

by:avadmin
ID: 40621630
Not sure this is the right answer, but i'll try...
I don't think so, since all servers were set up to be Namespace servers and all folders were at least in two servers. It does seem like the target is inaccessible and this is why some users experience it while others don't and happens at random times of the day. Replication had been working fine until this and I believe replication is still running fine (I added some files to the software folder for testing and they were in the other sites in less than a minute).
0
 
LVL 81

Accepted Solution

by:
arnold earned 1500 total points
ID: 40621700
Do the shares disappear at the site where the failed DC was restored?
If so, the issue is because of the policy that directs the use of the local and likely because you restored the DC using the same name, but lacking the share.
One deals with the DFS removing the old DC as a target member.

Then in the rerun the replication configuration to rejoin this DC into the replication group after.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 

Author Comment

by:avadmin
ID: 40621996
yes, they disappear at the site where the PDC was. I didn't restore, but rather recreated the system after manually seizing FSMO roles and performing the manual delete of the DC and DFS entries. I thought I deleted all the entries to it, but perhaps I didn't.
I did use the same name afterwards! (Naming schemes for the company)

I will try removing both servers from this site over the weekend and then re-joining them. Anything else I should do?

thanks!
0
 
LVL 81

Expert Comment

by:arnold
ID: 40622239
You do not need to remove, use the dfsutil to see the references, then also checkforerrors on the restored server for DFS related events.

An option into check the dfs share policy dealing with the new.

I think provided Therese no errors. Everything should be fine bymonday.
0
 

Author Comment

by:avadmin
ID: 40623090
Will do. I'll check and let you know. thx
0
 

Assisted Solution

by:avadmin
avadmin earned 0 total points
ID: 40625447
Waiting for users to connect today and let me know if this worked. Will update the question later.

here is what I did:

from the MMC I removed the recreated PDC as a Namespace server. It gave me an error that the server did not exist. I then re-added the server and the operation completed successfully.

I believe this was the error.

Additionally I moved all shares from the SDC to the PDC and removed the SDC namepace folders and removed it as a namespace server (removed the shared folders too in case a user had mapped manually to the server!)
0
 
LVL 81

Assisted Solution

by:arnold
arnold earned 1500 total points
ID: 40625452
Map a drive to the domain based share.
Looking at the properties of the mapped drive, there should be a DFS tab which you can toggle (activate) each share target and see if you have access to files or not.
If you still have times where there is no data, double check on the dfs anagement share settings to make sure the location reflects there is the location where the data is.

Had an occasion to have the replication of data working, but the access share was pointing to c:\dfsroot\sharename .......
During the setup of the target entry, the config erred processing ......  Removing the target and repointing it to the correct folder would resolve this.
0
 

Author Comment

by:avadmin
ID: 40630827
All working. It was as you mentioned the PDC that had to be removed and recreated. Thanks! (also good tip on the properties tab! very helpful)
0
 

Author Closing Comment

by:avadmin
ID: 40641379
The process of removing the server using the MMC is the simplest, but Arnolds guidance was critical
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question