Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

FRS/SYSVOL Replication Issues 2008 Domain


Best Answer j4ngl35 , 25 April 2016 - 10:39 AM

Just so everyone is aware, I was able to resolve the issue in less than 10 minutes by performing the authoritative restore on the DC with the functioning NETLOGON/SYSVOL shares and then a non-autho... Go to the full post »


  • Please log in to reply

#1
j4ngl35

j4ngl35

    New Member

  • Member
  • Pip
  • 3 posts

I just came on with a company this year and recently discovered through failing GPO updates that there have been FRS sync issues on the DCs here for probably two years. What's happening right now, is the SYSVOL and NETLOGON shares have disappeared from one DC, and the other DC (which is the owner of all FSMO roles) is throwing journal wrap errors. Aside from the NETLOGON and SYSVOL issues, the domain health is good. 

 

I've done a ton of research and reading on these individual issues, but I haven't found a situation similar to what I've got going on here right now and I don't want to hose up the domain by trying to do a restore on one DC when there are currently errors on both of them. 

 

Any thoughts on what I should address first and any potential repercussions of doing so? 

 

Thanks in advance!

 

-Justin

 

Edit: I should have clarified; The SYSVOL and NETLOGON shares are *likely* gone from the secondary DC because I attempted a non-authoritative restore on that server, but due to the FRS issues it never rebuilt those shares. Sorry, I haven't had to deal much with these issues in the past, so I probably should have made sure things were functioning well on the other DC before attempting that. 


Edited by j4ngl35, 15 April 2016 - 09:42 AM.

  • 0

Advertisements


#2
Rikai

Rikai

    Member

  • Member
  • PipPipPip
  • 200 posts

Would it be possible to build a new DC, push it as the primary, then verify it is providing all services? This can give you some wiggle room to rebuild the other two.

 

Are they physical servers or VMs?


  • 0

#3
j4ngl35

j4ngl35

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

I had actually been working on moving ADDS to a new 2012 R2 VM (all servers are VMs) when I discovered the FRS wasn't working, as my NETLOGON and SYSVOL shares never showed up properly on the new DC. Ended up pulling that DC back out of the mix, so it's now down to the original two 2008 R2 VMs acting as DCs for the domain. 

 

Based on research, it seems like an authoritative restore from the DC with active SYSVOL & NETLOGON shares is the way to go, I just wanted to see if there was anything I should be aware of before I pull the pin. I've got lots of good Veeam backups in case of emergency, but I'd prefer not to have to worry about that :)


  • 0

#4
Rikai

Rikai

    Member

  • Member
  • PipPipPip
  • 200 posts

Personally, I'd work on getting another DC up without errors before working on the other two. But that's my opinion


  • 0

#5
j4ngl35

j4ngl35

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
✓  Best Answer

Just so everyone is aware, I was able to resolve the issue in less than 10 minutes by performing the authoritative restore on the DC with the functioning NETLOGON/SYSVOL shares and then a non-authoritative restore on the secondary DC. Domain health is now 100% according to dcdiag, the SYSVOL shares are showing up on all DCs, etc. I also was successful now in getting a new domain controller up and running (2012 R2) that I will be migrating roles to so I can eventually decomission the old servers; prior to the D4/D2 burflags fix, I couldn't get a new DC up and running due to the replication issues that were occurring. ADDS would install but since it couldn't replicate from any other DC, it was held up in fully becoming a domain controller. 

 

Thanks again for everyone's input!


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP