Share via

DFS Replication issue with event ID 4012 (windows server 2016

Ziyad Tbeni 81 Reputation points
2022-06-01T10:18:39.207+00:00

I have two DC windows servers 2016 one primary and additional and I replication between two servers
when creating a new group policy on the primary domain the group policy file in sysvol file was created in the additional domain And vice versa, the same. and I checked the event viewer in DFS replication and have a log with event ID 4012

( The DFS Replication service stopped replication on the folder with the following local path: D:\Windows\SYSVOL\domain. This server has been disconnected from other partners for 501 days, which is longer than the time allowed by the MaxOfflineTimeInDays parameter (60). DFS Replication considers the data in this folder to be stale, and this server will not replicate the folder until this error is corrected.

To resume replication of this folder, use the DFS Management snap-in to remove this server from the replication group, and then add it back to the group. This causes the server to perform an initial synchronization task, which replaces the stale data with fresh data from other members of the replication group.

Additional Information:
Error: 9061 (The replicated folder has been offline for too long.)
Replicated Folder Name: SYSVOL Share
Replicated Folder ID: 4F50CD31-0AA1-4E05-B113-AB7FDBE3751C
Replication Group Name: Domain System Volume
Replication Group ID: 6150A1BF-88D1-4A55-8A45-028CF7AFA0BF
Member ID: 995C3B0E-ED51-43D7-AC89-B56175465AF1 )

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,341 questions
Accepted answer
  1. Dave Patrick 426.3K Reputation points MVP
    2022-06-01T12:20:43.227+00:00

    Since this one has tombstoned you'll need to seize roles (if necessary) take offline, do cleanup and rebuild it.
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/transfer-or-seize-fsmo-roles-in-ad-ds

    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/ad-ds-metadata-cleanup
    https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-manually-removing-a-domain-controller-server/ba-p/280564

    I'd use dcdiag / repadmin tools to verify health correcting all errors found before starting any operations. Then stand up the new 2016, patch it fully, license it, join existing domain, add active directory domain services, promote it also [making it a GC][1] (recommended), [transfer FSMO roles over][2] (optional), transfer pdc emulator role (optional), use dcdiag / repadmin tools to again verify health, when all is good you can decommission / demote old one.

    --please don't forget to upvote and Accept as answer if the reply is helpful--

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. George R. Johnson 36 Reputation points
    2022-11-18T10:46:27.327+00:00

    Just my 2 cents.
    In my case I did check the health of the PDC and then used the following command to resume the replication.
    wmic.exe /namespace:\root\microsoftdfs path DfsrMachineConfig set MaxOfflineTimeInDays=500
    In your case the value for "MaxOfflineTimeInDays" needs to be higher than 501.
    If you do that and fire up the replication using repadmin, it should work for you too.

    7 people found this answer helpful.
  2. Satya INV 5 Reputation points
    2023-09-06T11:48:37.1133333+00:00

    After I ran above command, i got ERROR: Description = Invalid namespace

    1 person found this answer helpful.