Solved

DFS Replication After a Crytowall

Posted on 2015-02-20
6
85 Views
Last Modified: 2015-03-31
A remove branch user was infected by CryptoWall.   It encrypted the remote DFS server.  The server only synced a few directories to the main DFS server.   We disabled the replication between the servers (via DFS Management) and rebooted the servers to stop replication.   We also restored from backup the encrypted files to the main DFS Server.

How do I go about restarting the DFS Replication with the main server as the correct server for files?
0
Comment
Question by:edwardq
  • 3
  • 2
6 Comments
 
LVL 42

Assisted Solution

by:kevinhsieh
kevinhsieh earned 250 total points
ID: 40622732
Remove the branch server from the DFS replication group, and then add it back it. The other server(s) will be considered authoritative.
0
 
LVL 27

Assisted Solution

by:Steve
Steve earned 250 total points
ID: 40623043
safest way is to stop the DFS service on the remote server and make changes to the main server (and allow AD replication to occur between sites) before re-enabling the serviced on the remote server.
best to remove the replication group and create it again from scratch (delete or move the files from the remote server)
0
 
LVL 4

Author Comment

by:edwardq
ID: 40626495
Ok.. I did that. And it took the other server as authoritative and started PreExisting backup of folders on the main server.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 27

Expert Comment

by:Steve
ID: 40646988
nice one. did that solve the issue?
0
 
LVL 4

Accepted Solution

by:
edwardq earned 0 total points
ID: 40689934
No it did not solved the issue.     I was hoping for it to start duplication with main server as authoritative.   I did both what Kevinhsieh and totallytoto suggested.  It would still take the bad server as authoritative.

Since it was a Virtual server, How I solved it was to build a new VM server locally, set it up in the DFS replication group. When it finished replicated.  I copyed the VM Server to a removable disk drive and drove it down to the branch and copied it/replaced the bad one.  It took a few days since it took about 4 hours to copy it the disk drive and 4 hours to copy it to the remote server.
0
 
LVL 4

Author Closing Comment

by:edwardq
ID: 40697884
I selected my solution because it was the only one that worked.
0

Featured Post

Courses: Start Training Online With Pros, Today

Brush up on the basics or master the advanced techniques required to earn essential industry certifications, with Courses. Enroll in a course and start learning today. Training topics range from Android App Dev to the Xen Virtualization Platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

As with any other System Center product, the installation for the Authoring Tool can be quite a pain sometimes. This article serves to help you avoid making these mistakes and hopefully save you a ton of time on troubleshooting :)  Step 1: Make sur…
OfficeMate Freezes on login or does not load after login credentials are input.
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question