NETLOGON share missing in domain

I had a similar issue, try the below;

Run the following command on all domain controllers in the forest.

Net Stop NTFRS  (stop the file replication service)

Go Into Registry Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

Change the BurFlags DWORD to = D4 on the Primary Domain Controller and change to D2 on all of the backup domain controllers.

Start the NTFRS service again by using Net Start NTFRS command

Here is the correct procedure to re-create NETLOGON:
https://support.microsoft.com/en-us/kb/947022

Did you have any previous content though? Like any scripts etc? Just wondering if you might need to perform a restore from backups (if available)

Thanks Matthew.  I tried that and it made the SYSVOL share disappear while the setting is a 0 and then reappear when I set it to 1.  It didn't result in the NETLOGON share returning though.


lruiz,

Thanks for the suggestion.  I tried yours as well and saw the SYSVOL directory disappear and the reappear however the NETLOGON directory did not return.

Any other ideas?

After performing that procedure, did you reboot the server? Toggling the registry setting above would probably have that effect on Sysvol as expected - the hope though is after the system is restarted, NETLOGON would be shared out correctly again.

I was nervous about restarting for fear of not being able to get back in.  I restarted both machines however still no NETLOGON.

Any backups?

Not of the system, including SYSVOL and NETLOGON, unfortunately.

Is dns correctly configured? Make sure that each server is pointed to the correct address for dns, wondering if replication is broken due to dns failure.

I checked and it looks like DNS is working fine to me.  No errors in the logs, adding test entries replicates between the machines, and I can resolve both AD servers by name from each server.

How long did you let the DCs set, it could take quite a bit of time depending on the size of the sysvol share.

I left it overnight, about fourteen hours, and NETLOGON didn’t rebuild.   I replicated the issue in my lab and tried the following:
1.      Adding another Windows 2012 domain controller
      This resulted in the new domain controller being built without a NETLOGON share and none of the other domain controllers having the share recreated.
2.      Manually rebuilding the NETLOGON share by recreating the c:\Windows\SYSVOL\sysvol\Lab.test\scripts directory and the sharing it out as NETLOGON.  I then updated the BurFlags registry setting to D4 on that domain controller and restarted the ntfrs service on the domain controllers.

The second test worked and resulted in replication to the other 2012 domain controller.  I implemented this in the production environment and NETLOGON is now replicating.

I am still concerned that there may be issues later because AD has a tendency to have issues whenever any manual operations are implemented.  Anyone have any thoughts or concerns to share?

The issue is that your 2003 Server has a corrupt NTFRS database (look for a JRNL_WRAP error in the Event Logs).

Iruiz is correct, however, you need to perform the authoritative restore of the FRS database on the 2003 server as it holds the master database.

Please review the following:  http:/Q_28894980.html

-saige-

Other solutions did not result in the NETLOGON directory being regenerated.