Hello NithyanandhamSingaravadivelu
I would recommend ensuring the IP settings below on each domain controller:
- Each DC / DNS server points to its private IP address as the primary DNS server and to other internal DNS servers as secondary ones.
- Each DC has just one IP address and only one network adapter is enabled (disable unused NICs).
- If multiple NICs (enabled and disabled) are present on the server, make sure the active NIC is on top in the NIC binding order.
- Contact your ISP, get valid DNS IPs from them and add them to the forwarders. Do not set a public DNS server in the TCP/IP settings of the DC.
Once you are done with the above, run "ipconfig /flushdns & ipconfig /registerdns", then restart the DNS and NETLOGON services on each DC.
I suspect that the SYSVOL and NETLOGON shares are missing on dc2008R2. Open CMD and run the "net share" command to confirm this.
If both shares are missing on the new DC, then you need to perform the D2 & D4, also known as authoritative & non-authoritative restore.
How to force authoritative and non-authoritative synchronization for DFSR-replicated sysvol replication
https://learn.microsoft.com/en-us/troubleshoot/windows-server/group-policy/force-authoritative-non-authoritative-synchronization
Steps:
- First perform D4 on the healthy DC (dc2008), then go for D2 on the problem DC (dc2016).
Follow this KB article: Using the BurFlags registry key to reinitialize File Replication Service replica sets: http://support.microsoft.com/kb/290762
If the issue still reoccurs, follow "How to rebuild the SYSVOL tree and its content in a domain":
http://support.microsoft.com/kb/315457/
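The checks listed in the answer above can be run as one read-only script on each DC. This is an added example, not part of the original reply; it assumes internal DNS servers use RFC 1918 addresses, and it does not cover NIC binding order or forwarders.

```powershell
# Added example: read-only checks, run locally in an elevated PowerShell on each DC.
# WMI classes are used so the script also works on older PowerShell versions.

# Assumption: internal DNS servers use RFC 1918 (or loopback) addresses.
$privateRx = '^(10\.|127\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)'

# 1. Exactly one IP-enabled adapter, one IPv4 address, own IP as primary DNS.
$nics = @(Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled = TRUE")
"IP-enabled adapters: $($nics.Count) (expected 1)"
foreach ($nic in $nics) {
    $ipv4 = @($nic.IPAddress | Where-Object { $_ -match '^\d{1,3}(\.\d{1,3}){3}$' })
    $dns  = @($nic.DNSServerSearchOrder | Where-Object { $_ })
    "Adapter: $($nic.Description)"
    "  IPv4: $($ipv4 -join ', ')"
    "  DNS : $($dns -join ', ')"
    if ($ipv4.Count -ne 1) { "  WARN: $($ipv4.Count) IPv4 addresses, expected 1" }
    if ($dns.Count -eq 0 -or $ipv4 -notcontains $dns[0]) {
        "  WARN: primary DNS server is not this DC's own IP address"
    }
    foreach ($d in $dns) {
        if ($d -notmatch $privateRx) {
            "  WARN: $d is not a private address; public resolvers belong in the forwarders"
        }
    }
}

# 2. SYSVOL and NETLOGON shares (the same information "net share" prints).
$shares = @(Get-WmiObject Win32_Share | ForEach-Object { $_.Name })
foreach ($name in 'SYSVOL', 'NETLOGON') {
    if ($shares -contains $name) { "Share ${name}: present" }
    else { "WARN: share $name is missing" }
}

# 3. DNS Server and Netlogon services should be running after the restart.
foreach ($svc in 'DNS', 'Netlogon') {
    $s = Get-Service -Name $svc -ErrorAction SilentlyContinue
    if (-not $s) { "WARN: service $svc not found" }
    elseif ($s.Status -ne 'Running') { "WARN: service $svc is $($s.Status)" }
    else { "Service ${svc}: Running" }
}
```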