NETLOGON share missing in domain

Hi All,

I was having an issue in which the SYSVOL and NETLOGON shares were not being generated on a new Windows 2012 R2 server that was promoted into a domain with a Windows 2003 server.  I performed the tasks at the following location:

I made a mistake and entered D4 on the domain controller that did not have the SYSVOL and NETLOGON shares.  After this, the SYSVOL share appeared and is replicating however the NETLOGON share no longer exists on any domain controller.

At this point I need to recreate the NETLOGON share.  Can anyone direct me to the process of doing this?

Cliff DavisAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

I had a similar issue, try the below;

Run the following command on all domain controllers in the forest.

Net Stop NTFRS  (stop the file replication service)

Go Into Registry Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

Change the BurFlags DWORD to = D4 on the Primary Domain Controller and change to D2 on all of the backup domain controllers.

Start the NTFRS service again by using Net Start NTFRS command
Matt MinorTechnical Systems AnalystCommented:
Here is the correct procedure to re-create NETLOGON:

Did you have any previous content though? Like any scripts etc? Just wondering if you might need to perform a restore from backups (if available)
Cliff DavisAuthor Commented:
Thanks Matthew.  I tried that and it made the SYSVOL share disappear while the setting is a 0 and then reappear when I set it to 1.  It didn't result in the NETLOGON share returning though.


Thanks for the suggestion.  I tried yours as well and saw the SYSVOL directory disappear and the reappear however the NETLOGON directory did not return.

Any other ideas?
Your Guide to Achieving IT Business Success

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Matt MinorTechnical Systems AnalystCommented:
After performing that procedure, did you reboot the server? Toggling the registry setting above would probably have that effect on Sysvol as expected - the hope though is after the system is restarted, NETLOGON would be shared out correctly again.
Cliff DavisAuthor Commented:
I was nervous about restarting for fear of not being able to get back in.  I restarted both machines however still no NETLOGON.
Matt MinorTechnical Systems AnalystCommented:
Any backups?
Cliff DavisAuthor Commented:
Not of the system, including SYSVOL and NETLOGON, unfortunately.
Matt MinorTechnical Systems AnalystCommented:
Is dns correctly configured? Make sure that each server is pointed to the correct address for dns, wondering if replication is broken due to dns failure.
Cliff DavisAuthor Commented:
I checked and it looks like DNS is working fine to me.  No errors in the logs, adding test entries replicates between the machines, and I can resolve both AD servers by name from each server.
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
How long did you let the DCs set, it could take quite a bit of time depending on the size of the sysvol share.
Cliff DavisAuthor Commented:
I left it overnight, about fourteen hours, and NETLOGON didn’t rebuild.   I replicated the issue in my lab and tried the following:
1.      Adding another Windows 2012 domain controller
      This resulted in the new domain controller being built without a NETLOGON share and none of the other domain controllers having the share recreated.
2.      Manually rebuilding the NETLOGON share by recreating the c:\Windows\SYSVOL\sysvol\Lab.test\scripts directory and the sharing it out as NETLOGON.  I then updated the BurFlags registry setting to D4 on that domain controller and restarted the ntfrs service on the domain controllers.

The second test worked and resulted in replication to the other 2012 domain controller.  I implemented this in the production environment and NETLOGON is now replicating.

I am still concerned that there may be issues later because AD has a tendency to have issues whenever any manual operations are implemented.  Anyone have any thoughts or concerns to share?
The issue is that your 2003 Server has a corrupt NTFRS database (look for a JRNL_WRAP error in the Event Logs).

Iruiz is correct, however, you need to perform the authoritative restore of the FRS database on the 2003 server as it holds the master database.

Please review the following:  http:/Q_28894980.html

Cliff DavisAuthor Commented:
Everything still looks fine after manually rebuilding the NETLOGON directory.  I did loose the GPO's but was able to manually rebuild them.

Thanks for all of the ideas.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cliff DavisAuthor Commented:
Other solutions did not result in the NETLOGON directory being regenerated.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.