다음을 통해 공유

Directory Service: NETLOGON missing after a restore

  • 아티클

This article describes how to restore the NETLOGON as many articles exist on that matter, but today there was a new scenario.

Symptoms

SYSVOL empty but share existant.
NETLOGON share non-existant
GPO's console list all old GPO, but can't display any detail on all GPO.

Scenario

First DC (DC#1) in Windows 2003

Second DC (DC#2) in Windows 2008 R2

Each is Global Catalogue.

DC#1 is old, no longer in the backup schedule.
DC#2 got all FSMO's role and is the primary DC.

Problem:

The datastore died. We restore the system-state from DC#2, and we find ourself with the FAQ that the SYSVOL is empty.

From the tape, we found that the SYSVOL was not replicating. It seems an issue that the SYSVOL does not replicate when you have a 2003 and you DCPROMO a 2008's DC.

How to

The first step is that:

To complete an authoritative restore, stop the FRS service, configure the BurFlags registry key, and then restart the FRS service. To do so:
 1.Click Start, and then click Run. 
2.In the Open box, type cmd and then press ENTER. 
3.In the Command box, type net stop ntfrs. 
4.Click Start, and then click Run. 
5.In the Open box, type regedit and then press ENTER. 
6.Locate the following subkey in the registry: 
 
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
  
7.In the right pane, double click BurFlags. 
8.In the Edit DWORD Value dialog box, type D4 and then click OK. 
9.Quit Registry Editor, and then switch to the Command box. 
10.In the Command box, type net start ntfrs. 
11.Quit the Command box. 
 
When the FRS service is restarted, the following actions occur:
 •The value for the BurFlags registry key is set back to 0. 
•An event 13566 is logged to signal that an authoritative restore is started. 
•Files in the reinitialized FRS replicated directories remain unchanged and become authoritative on direct replication. Additionally, the files become indirect replication partners through transitive replication.
 •The FRS database is rebuilt based on current file inventory. 
•When the process is complete, an event 13516 is logged to signal that FRS is operational. If the event is not logged, there is a problem with the FRS configuration.

After that test, the folder was still empty.

So the final test was simple.

Created the scripts folder in C:\Windows\SYSVOL\SYSVOL\domain.name\SCRIPTS and shared it to NETLOGON

Then ran: DCGPOFIX

That reset/recreate the default domain policy, and after you just need to erase all old GPO that are still empty in your console.