question

RickLee-3121 avatar image
0 Votes"
RickLee-3121 asked DSPatrick answered

SYSVOL and NETLOGON Not replicating.

Hi, I need to migrate to DFRS but have an issue. My PDC is 2008 r2. I noticed this issue promoting when I promoted a new DC. If I use the 2008 r2 server as a replication partner, SYSVOL and NETLOGON are not created and shared. If I use a different DC as replication partner I have no issues. Also, the contents of the SYSVOL and NETLOGON folders are no longer replicating to other DCs in the domain from this DC. I need to correct this so I can migrate to DFRS and replace the 2008 R2 DCs in the domain.

windows-server-2012
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If there are any progresses, welcome to share here!
Best Regards,

0 Votes 0 ·
DSPatrick avatar image
0 Votes"
DSPatrick answered

You didn't answer but keep in mind if it has tombstoned then demote, reboot, dcpromo would be required.

--please don't forget to Accept as answer if the reply is helpful--


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RickLee-3121 avatar image
0 Votes"
RickLee-3121 answered

I think I will do the following.
1: Recreate the sysvol and netlogon shares on problematic DC and copy all the files back to their original locations.
2: Make another DC role holder. Copy all GPOs off the failing DC over to the new role holder.
3: Demote then promote problematic dc.

Thoughts?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RickLee-3121 avatar image
0 Votes"
RickLee-3121 answered

Oh, to answer your question, its been at least 6 months since successful replication.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Ok, then it has tombstoned. I'm not sure what one you're trying to save (PDCe?) but if you're going to try backup / restore you can follow along here.
https://docs.microsoft.com/en-us/windows/win32/vss/backing-up-and-restoring-an-frs-replicated-sysvol-folder

--please don't forget to Accept as answer if the reply is helpful--



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RickLee-3121 avatar image
0 Votes"
RickLee-3121 answered

This DC is the PDCe qs well as role holder for all other roles. I am trying to get it stable to buy time before I demote it. After the failed D2 yesterday I copied the GPOs back to their original location. Now if i run group policy from the problem DC I can see the GPOs. My problem is that PCs that authenticate against this DC cant see the domain. Also, if I run Group policy management from other DCs they don't see the domain either unless I chose to open "any available DC". How can I get this back?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Another option may be to export GPO's, take the failed one off network, seize roles to a healthy domain controller
https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/transfer-or-seize-fsmo-roles-in-ad-ds

do clean up
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564

When all is confirmed good you could, then import the GPO's, and build a replacement for the failed one.

--please don't forget to Accept as answer if the reply is helpful--




5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RickLee-3121 avatar image
0 Votes"
RickLee-3121 answered

That's the plan in the long run. The problem is the problem DC is running our rack at our data center. I don't have time to take it down till the weekend. Was hoping to buy time til then.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered

Was hoping to buy time

Not sure what is meant here, sounds like you'll need to wait then. I don't see another option.

--please don't forget to Accept as answer if the reply is helpful--






5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.