This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 13%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello everyone
The Windows Server 2012 R2 domain of our enterprise was lost in the early morning of February 1st, including the domain default policy and the domain controller default policy, and all configurations were missing.
Checked the logs and did not see any related errors. The data replication mode is checked, and the current FRS replication is used, and the relevant logs are only recorded until February 3.
How can I troubleshoot what caused it?
It isn't recommended to restore a single DC in a multi-DC environment. The much cleaner / safer method is to seize roles to another healthy one.
then perform cleanup to remove the remnants of failed one from active directory.
Clean up Active Directory Domain Controller server metadata
Step-By-Step: Manually Removing A Domain Controller Server
Then use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new one for replacement, patch it fully, license it, join existing domain, add active directory domain services, promote it also making it a GC (recommended), transfer FSMO roles over (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
I extracted the sysvol folder from the Windows backup and restored GPO via authorized restore. It work correctly. But I don't know what causes this problem occur. Any suggest?
Glad to hear you found a work-around. Restoring the server from backup is the likely cause.
--please don't forget to upvote and Accept as answer if the reply is helpful--
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 80%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETB%3C/text%3E%3C/svg%3E)
Hi @国靖 陆
Check in event viewer if there is any error on DFSR replication for sysvol folder.
Run the following to check health of the impacted domain controller dcdiag
Check the statut of AD replication , repadmin /showrepl
Don't forget to mark helpful answer as accepted
Hi AOURBITA
Thanks for reply. I check DFSR replication log but the logs have been overwritten. Dcdiag not show any useful information,and replication check seems all right.
Any other suggestions?
The Windows Server 2012 R2 domain of our enterprise was lost
Are there other domain controllers? Did you restore from a backup?
Hi Dave, thx for reply.
Yeah it's 7 DCs in domain, GPO files actually lost in other DC. We recover with PDC system backup.