jfesler
asked on
FRS = Even ID: 13568
FRS - SYSVOL is in JRNL_WRAP_ERROR ID - 13568
Error is on a Server 2008R2
Server 2016 exists in same domain.
Everything is operating normal, GPO's are working fine and show on both servers.
SYSVOL data exists on Server 2008R2
SYSVOL folders are empty on Server 2016
Server 2008R2 - DCDIAG
NCSecDesc fails
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=DomainDnsZones,DC=domai
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=ForestDnsZones,DC=domai
Server 2016 - DCDIAG
Advertising fails
DsGetDcName returned information for \\2008R2Server.domain.name
Server is not responding or is not considered suitable.
FrsEvent does NOT fail = warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
NetLogons fails
Unable to connect to the NETLOGON share! (\\Server2016\netlogon)
An net use or LsaPolicy operation failed with error 67, The network name cannot be found
SYSVOL nor NETLOGON shares exists on Server2016
I assume this is all related? I am concerned about what step to take since no data exists in SYSVOL folder on Server2016
Error is on a Server 2008R2
Server 2016 exists in same domain.
Everything is operating normal, GPO's are working fine and show on both servers.
SYSVOL data exists on Server 2008R2
SYSVOL folders are empty on Server 2016
Server 2008R2 - DCDIAG
NCSecDesc fails
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=DomainDnsZones,DC=domai
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=ForestDnsZones,DC=domai
Server 2016 - DCDIAG
Advertising fails
DsGetDcName returned information for \\2008R2Server.domain.name
Server is not responding or is not considered suitable.
FrsEvent does NOT fail = warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems.
NetLogons fails
Unable to connect to the NETLOGON share! (\\Server2016\netlogon)
An net use or LsaPolicy operation failed with error 67, The network name cannot be found
SYSVOL nor NETLOGON shares exists on Server2016
I assume this is all related? I am concerned about what step to take since no data exists in SYSVOL folder on Server2016
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Sure thing! Let me know how it goes.
ASKER
That appeared to work well, Authoritative FRS restore.
The SYSVOL and NETLOGON shares are now appearing on Server 2016.
I do still get "There are warning or error events within the last 24 hours after the SYSVOL has been shared. failed test FrsEvent. I assume this will clear, after the 24hrs?
Also still have the following on Server2008R2
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=DomainDnsZones,DC=domai
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=ForestDnsZones,DC=domai
The SYSVOL and NETLOGON shares are now appearing on Server 2016.
I do still get "There are warning or error events within the last 24 hours after the SYSVOL has been shared. failed test FrsEvent. I assume this will clear, after the 24hrs?
Also still have the following on Server2008R2
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=DomainDnsZones,DC=domai
Error NT Authority\Enterprise domain controllers doesn't have Replication Directory Changes in Filtered Set access rights for the naming context:
DC=ForestDnsZones,DC=domai
I do still get "There are warning or error events within the last 24 hours after the SYSVOL has been shared. failed test FrsEvent. I assume this will clear, after the 24hrs?
Yep, that's just telling you that there are errors in the log less than 24 hours old.
If you don't have any read-only domain controllers (RODCs) in the domain, the "Replication Directory Changes in Filtered Set" thing can be ignored. I believe running adprep /rodcprep will make the errors go away by assigning that right to all writeable DCs, but there's no need to do that unless you're planning to promote an RODC.
ASKER
Thanks for the peace of mind!
ASKER