Search

Welcome! If you're new here, perhaps you'll be interested in the RSS feed to be informed of the publication of a new article?

Problem of replication of SYSVOL and NETLOGON shares

Posted by: Seb

August

I recently installed two new domain controllers in Windows 2003 R2 to replace an old Domain Controller in Windows 2000 which showed some signs of weakness. Problem, after the usual phase of dcpromo the SYSVOL and NETLOGON shares have not created automatically on two new CDs. FSMO role transfers them have gone smoothly and Active Directory (users, computers) and the DNS replicate perfectly.

This problem is really critical because if the domain controller in Windows 2000 should die it would not be possible to authenticate to the field or on the SQL Server using Windows authentication. A very regular backup system state with ntbackup of DC is critical as the situation is not stabilized. Second group policies are not replicated and servers are not fully considered as domain controllers SYSVOL and NETLOGON shares have not been created.

On DCs in Windows 2003 I was getting errors in Event Viewer:

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13565
Date: 28/08/2007
Time: 6:47:17 p.m.
User: N / A
Computer: DC01
Description:
The File Replication Service initializing the system volume with data from another domain controller. DC01 The computer can not become a domain controller before the process is complete. The system volume will then be shared as SYSVOL.
To check the SYSVOL share, enter the command prompt:
net share
When the File Replication Service has completed the initialization process, the SYSVOL share will appear.
The initialization of the system volume can take some time. The duration depends on the amount of data in the system volume, the availability of other domain controllers and the replication interval between domain controllers.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp .

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 27/08/2007
Time: 2:17:51 p.m.
User: N / A
Computer: DC01
Description:
The File Replication Service is in trouble enabling replication from \ \ OLDDC.corp.local to DC01 for c: \ windows \ sysvol \ domain using the DNS name \ \ OLDDC.corp.local. FRS will keep retrying.
Below are some reasons for this warning.
[1] FRS can not resolve the DNS name \ \ OLDDC.corp.local properly from this computer.
[2] FRS is not running on \ \ OLDDC.corp.local.
[3] The topology information in Active Directory for this replica has not yet replicated to all domain controllers.
This event log message will appear once per connection, once the problem has been resolved, you will see another message that the connection has been established.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp .
Data:
0000: 00 00 00 00 ....

Restarting the service file replication regenerates these mistakes permanently.

On the old domain controller in Windows 2000:

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 24/08/2007
Time: 11:48:13
User: N / A
Computer: OLDDC
Description:
The File Replication Service is in trouble enabling replication from DC01 to OLDDC to c: \ winnt \ sysvol \ domain using the DNS name dc01.corp.local. FRS will keep retrying.
Below are some reasons for this warning.
[1] FRS can not resolve the DNS name dc01.corp.local properly from this computer.
[2] FRS is not running on dc01.corp.local.
[3] The topology information in Active Directory for this replica has not yet replicated to all domain controllers.
This event log message will appear once per connection, once the problem has been resolved, you will see another message that the connection has been established.
Data:
0000: 00 00 00 00 ....

Event Type: Warning
Event Source: NtFrs
Event Category: None
Event ID: 13508
Date: 24/08/2007
Time: 11:48:13
User: N / A
Computer: OLDDC
Description:
The File Replication Service is in trouble enabling replication from DC02 to OLDDC to c: \ winnt \ sysvol \ domain using the DNS name DC02.corp.local. FRS will keep retrying.
Below are some reasons for this warning.
[1] FRS can not resolve the DNS name DC02.corp.local properly from this computer.
[2] FRS is not running on DC02.corp.local.
[3] The topology information in Active Directory for this replica has not yet replicated to all domain controllers.
This event log message will appear once per connection, once the problem has been resolved, you will see another message that the connection has been established.
Data:
0000: 00 00 00 00 ....

Some internet research shows that this problem of non-replicating SYSVOL and NETLOGON shares are fairly common but there are few solutions available. In addition some of these solutions are not valid for Windows 2000 post-SP3, mine being patched SP4 ... A lot of information rather vague and contradictory indicate particular shared directories manually (not to!) Or move files manually (not very useful since the shares are not assets).

Finally here is the solution that restored replication between the three CDs:

verify that the DNS server contains all the necessary inputs, in particular it should be possible to contact all other domain controllers for a given DC through their IPs and their DNS names. If this is not the case it must be corrected before anything else and see if it does not solve the replication problem.
stop the File Replication service on all DCs
Use regedit to change the key of Burflag HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ NtFrs \ Parameters \ Cumulative Replica Sets \ GUID and pass it to D4 in hex on the domain controller with a SYSVOL and NETLOGON a proper
Use regedit to change the key of Burflag HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ NtFrs \ Parameters \ Cumulative Replica Sets \ GUID and pass it to D2 in hex on domain controllers that have not created the SYSVOL and NETLOGON shares
restart the File Replication service on domain controller 'correct'
wait a few minutes
restart the File Replication service on domain controllers in the replication error

At that time the domain controllers in Windows 2003 posted this message in Event Viewer:

Event Type: Information
Event Source: NtFrs
Event Category: None
Event ID: 13516
Date: 28/08/2007
Time: 6:52:45 p.m.
User: N / A
Computer: DC01
Description:
The File Replication Service has stopped preventing the computer DC01 from becoming a domain controller. The system volume was successfully initialized and the Netlogon service has been notified that the system volume is now ready to be shared as SYSVOL.
Type "net share" to check the SYSVOL share.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp .

Actually a net share shows the appearance of SYSVOL and NETLOGON shares, which is confirmed by the use of the tool Sonar shows that shares in SYSVOLS OK instead of Not Shared.

Article KB315457 enters (much) more details on this operation.

5 comment (s) on this topic

Track this topic: Comments RSS or TrackBack URL

didier wrote on 2-4-2008 at 10:40:06 p.m.

Hello,
I want to thank you for this excellent summary of the note KB315457 of Microsoft, which helped me solve a problem of two months, with research and headaches. I do not understand why I did not fall over before ...
thank you again and all my encouragement for your site.
didier

Frederic wrote 3-9-2008 at 10:31:18 p.m.

Hello,
In my turn to thank you for this excellent article which help me solve the pb of your identically. I do not understand why this solution does not appear to me in other forums.
Indeed, there are few who publishes a solution after having struggled and search very long!
By deepening the subject, I realized that this problem only happens when trying to migrate a Windows 2000 AD to a Win2003 R2 SP2.
Another solution is to use a temporary server in Windows 2003 SP1 and then upgrade to version R2 SP2.
Thank you again. Congratulations on this blog and I had the occassion to fly.

admin wrote on 3-9-2008 at 10:38:12 p.m.

That's about it and lost hours looking for a solution on the Internet that led me to open the site to record the problems I encounter WITH solutions. And I'm glad to see that it serves a purpose! There is nothing more annoying than these forums where people post "it's good I solved my problem" without explaining how.

Francis wrote on 30-12-2009 at 11:28:19

Thank you very much for this post, it also allowed me to perform replication from 2000 to 2008 that did was point.

EquipeReseau wrote on 4-2-2011 at 7:35:02 p.m.

Thank you very much ... Seb

Explanation for these ... and the tutorial, it helped us to solve a replication problem lying for more than three months. This is fantastic and it illuminates things well.

Nice work.