7/28/2019 sysvol

1/6

Sysvol replication:

C:\>dcdiag

Domain Controller Diagnosis

Performing initial setup:

Done gathering initial info.

Doing initial required tests

Testing server: Default-First-Site-Name\DOMAIN CONTROLLER

Starting test: Connectivity

......................... DOMAIN CONTROLLER passed test Connectivity

Doing primary tests

Testing server: Default-First-Site-Name\DOMAIN CONTROLLER

Starting test: Replications

......................... DOMAIN CONTROLLER passed test Replications

Starting test: NCSecDesc

......................... DOMAIN CONTROLLER passed test NCSecDesc

Starting test: NetLogons

......................... DOMAIN CONTROLLER passed test NetLogons

Starting test: Advertising

......................... DOMAIN CONTROLLER passed test Advertising

Starting test: KnowsOfRoleHolders

......................... DOMAIN CONTROLLER passed testKnowsOfRoleHolders

Starting test: RidManager

......................... DOMAIN CONTROLLER passed test RidManager

Starting test: MachineAccount

......................... DOMAIN CONTROLLER passed test MachineAccount

Starting test: Services

http://c/http://c/

7/28/2019 sysvol

2/6

......................... DOMAIN CONTROLLER passed test Services

Starting test: ObjectsReplicated

......................... DOMAIN CONTROLLER passed testObjectsReplicated

Starting test: frssysvol

......................... DOMAIN CONTROLLER passed test frssysvol

Starting test: frsevent

There are warning or error events within the last 24 hours after the

SYSVOL has been shared. Failing SYSVOL replication problems may cause

Group Policy problems.

......................... DOMAIN CONTROLLER failed test frsevent

Starting test: kccevent

......................... DOMAIN CONTROLLER passed test kccevent

Starting test: systemlog

An Error Event occured. EventID: 0x00000457

Time Generated: 08/17/2012 15:44:48

(Event String could not be retrieved)

An Error Event occured. EventID: 0x00000457

Time Generated: 08/17/2012 15:44:50

(Event String could not be retrieved)

An Error Event occured. EventID: 0x00000457

Time Generated: 08/17/2012 15:44:51

(Event String could not be retrieved)

An Error Event occured. EventID: 0x00000457

Time Generated: 08/17/2012 15:44:52

(Event String could not be retrieved)

An Error Event occured. EventID: 0x00000457

7/28/2019 sysvol

3/6

Time Generated: 08/17/2012 15:44:52

(Event String could not be retrieved)

An Error Event occured. EventID: 0x00000457

Time Generated: 08/17/2012 15:44:52

(Event String could not be retrieved)

An Error Event occured. EventID: 0x00000457

Time Generated: 08/17/2012 15:44:53

(Event String could not be retrieved)

......................... DOMAIN CONTROLLER failed test systemlog

Starting test: VerifyReferences

......................... DOMAIN CONTROLLER passed testVerifyReferences

Running partition tests on : DomainDnsZones

Starting test: CrossRefValidation

......................... DomainDnsZones passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom

Running partition tests on : ForestDnsZones

Starting test: CrossRefValidation

......................... ForestDnsZones passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom

Running partition tests on : Schema

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

7/28/2019 sysvol

4/6

Running partition tests on : Configuration

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Running partition tests on : nic

Starting test: CrossRefValidation

......................... nic passed test CrossRefValidation

Starting test: CheckSDRefDom

......................... nic passed test CheckSDRefDom

Running enterprise tests on : nic.local

Starting test: Intersite

......................... nic.local passed test Intersite

Starting test: FsmoCheck

......................... nic.local passed test FsmoCheck

The failed tests above are due to past errors being in the event log from before the sysvol fix. If yourehaving sysvol replication errors, youll see the replication tests failing, along with systemlog andfrsevent failures.

To fix this, the intact sysvol folder needs to be forced to replicate across the domain. The process is asfollows:

Stop the FRS service on all domain controllers.

Locate the Burflags entry under the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

And change the DWORD value to D4 on the source domain controller (this is to flag an authoritativerestore, and D2 on the child domain controllers (non-authoritative). Before doing this, take a backup ofthe sysvol folder, but make sure you store it on the same partition, otherwise permissions may change,and this would impact group policy if you had to restore it.

Then restart the FRS service on all domain controllers (the D4 one first) and wait for replication tooccur. This can take up to a few hours, depending on the infrastructure, number of domain controllers,and size of the sysvol folder.

7/28/2019 sysvol

5/6

Afterwards, running

Net share

At a command prompt will also show you the shared folders on the domain controller so once thisreplication is complete, you should see the sysvol and netlogon shares present.

Then you can also run DCDIAG tests on each domain controller to confirm.

each domain controller in the domain, follow these steps:1. Click Start, click Run, type cmd, and then click OK.2. Type net start ntfrs to start the File Replication service.3. Type ntfrsutl ds |findstr /i "root stage", and then press ENTER. The NTFRSUTIL command

returns the current root directory for the SYSVOL replica set that is referred to as the replicaset root and the staging folder. For example, this command returns:Root: C:\WINNT\SYSVOL\domainStage: C:\WINNT\SYSVOL\staging\domain

4. Type Linkd %systemroot%\SYSVOL\SYSVOL\DNS Domain name, and then press ENTER.

The LINKD command returns the following:SourceDNS Domain Name is linked to %systemroot%\SYSVOL\domain

5. Type linkd "%systemroot%\SYSVOL\staging areas\DNS Domain Name", and then pressENTER. This command returns the following:SourceDNS Domain Name is linked to %systemroot%\SYSVOL\Staging\domain

How do I force the Sysvol replication in an active directory

Your can restart the FRS service to force the FRS replication

To restart the FRS service, launch services.msc from the Run option on the Start MenuAnd restart the FRS service and you will get the Event ID 13516 on FRS event log this will ensure theFRS status is fine

Forcing Sysvol replication through NTFRSUTL

If you want to force sysvol replication between two domain controllers in an active directory then usethe below procedure

NTFRSUTL FORCEREPL Command-Line Option to Force Replication

You can use the new ntfrsutl forcerepl command to enforce replication regardless of the predefinedreplication schedule. This is only implemented for the domain controller Sysvol replica set.

ntfrsutl forcerepl [Computer] /r [SetName] /p [DnsName]

This command forces FRS to start a replication cycle. You must specify the Computer, SetName andDnsName.

Note In this command, the following placeholders are used:

7/28/2019 sysvol

6/6

[Computer] = Connect with the NtFrs service on this machine.[SetName] = The name of the replica set.[DnsName] = The DNS name of the inbound partner to force replication from.

I have a GPO replication problem, I believe that the SYSVOL is corrupt.

Why I think it is corrupt: GPO's wern't replicating, gpotool or userenv (can't remember which) told mewhen a local machine tried to connect to Hermes or Apollo DC the desktop machine was looking atsysvol/mydomain but looking at sysvol I noticed that it should of been looking atsysvol/sysvol/mydomain So I made the stupid mistake of copying the mydomain folder back one level,when that didn't work I deleted it, but it also deleted the original !!!

Can I repair the sysvol?

so I ran: dcdiag /a /q it reported the following error

Testing server: Default-First-Site-Name\HERMESStarting test: frssysvol

Error: No record of File Replication System, SYSVOL started.The Active Directory may be prevented from starting.There are errors after the SYSVOL has been shared.The SYSVOL can prevent the AD from starting.......................... HERMES passed test frssysvol

Then I tried the following:

1. ran ipconfig /registerdns2. restarted the File Replication service on both machines3. re-set the trust for deligation on both machines4. Changed the Operations master to DC named Apollo

Then when I ran dcdiag /a /q again it reported the following errors

Testing server: Default-First-Site-Name\HERMESStarting test: frssysvol

Error: No record of File Replication System, SYSVOL started.The Active Directory may be prevented from starting.......................... HERMES passed test frssysvol

Testing server: Default-First-Site-Name\APOLLO

Starting test: frssysvolThere are errors after the SYSVOL has been shared.The SYSVOL can prevent the AD from starting.......................... APOLLO passed test frssysvol