![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 42%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
20,222 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 9%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWL%3C/text%3E%3C/svg%3E)
Hello,
Here are some steps you can take to resolve this:
Check Replication Status:
Use the repadmin /showrepl command to check the replication status between your domain controllers. This will help identify any replication issues.
Force Replication:
You can force replication using the repadmin /syncall command. This ensures that all domain controllers are synchronized.
Verify SYSVOL and Netlogon Shares:
Ensure that the SYSVOL and Netlogon shares are available and properly replicated. You can use the dfsrdiag command to check the status of DFS Replication.
Check GPO Version Numbers:
Open the Group Policy Management Console (GPMC) and check the version numbers of the GPOs. If there is a mismatch, you may need to manually update the GPOs.
Use ADSI Edit:
If the issue persists, you can use ADSI Edit to manually update the msDFSR-Enabled and msDFSR-Options attributes. This involves stopping the DFSR service, making the necessary changes, and then restarting the service.
Run GPUpdate:
On the affected machines, run gpupdate /force to force a Group Policy update.
Check Event Logs:
Look at the Event Viewer logs on your domain controllers for any errors related to Group Policy or DFS Replication. This can provide more insight into what might be causing the issue.