Missing SYSVOL and NETLOGON shares on new or old DC server
The most frequent issue I have encountered over the years is missing SYSVOL and NETLOGON shares. The consequences are errors on clients and also on the DC server itself. For example, when trying to RDP to the domain controller, you get the error:

"The requested domain either does not exist or is not accessible"

So, if you cannot log in to the DC via RDP, you will be able to log in locally (or via iLO, iRMC, DRAC... any KVM console).

1. First check for proper IP and DNS settings on the domain controller. The IP might somehow have been lost, maybe reset to DHCP, or DNS reverted to some public DNS. Just check those settings on the DC; it takes a few seconds.

2. But most probably your DC stopped sharing the SYSVOL and NETLOGON shares. Just check on the DC:
If you do not see both the SYSVOL and NETLOGON shares, that's the reason for your problems!
If only the NETLOGON share is missing, then you will have problems with GPO group policy.

NO PROBLEMS, let's go:

  • First, check under C:\Windows\SYSVOL\domain whether the \Policies and \Scripts folders are there.
    If they are missing, restore them from BACKUP (first to some OTHER location, then copy them over to the above-mentioned location).

  • Then STOP the File Replication Service:
    net stop NtFrs

  • Open Registry Editor (regedit) and navigate to:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
    Change the BurFlags DWORD value to D4 (hex) on the single or primary DC and to D2 (hex) on all secondary DCs (if they exist).
    Explanation: A value of D4 means authoritative restore, meaning this DC will keep the existing content of C:\Windows\SYSVOL\domain and offer it for replication to other DCs, while a value of D2 means NON-authoritative restore, meaning this DC will pull the contents of C:\Windows\SYSVOL\domain from another (authoritative) DC. In the case of a single DC, the D4 value is the only logical choice... but you must manually restore the contents of C:\Windows\SYSVOL\domain from backup before proceeding.

  • START the File Replication Service again:
    net start NtFrs

    The \\SERVERNAME\SYSVOL share should now be up and visible.

  • If the \\SERVERNAME\NETLOGON share is still missing, you first need to check whether there is some content under the C:\Windows\SYSVOL\domain folder (there should be at least the \Policies and \Scripts folders). If this folder contains only _DO_NOT_REMOVE_... preexisting, then you should restore the contents of the whole C:\Windows\SYSVOL folder from BACKUP (maybe shut down the NTFRS service during the restore process to release files for overwriting), and only then proceed to the following step:

    Then you just need to flip the SysVolReady flag from 1 to 0 and back to 1 to signal to the system that the files are ready to share.
    To do so, open regedit again, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters and change the value of SysVolReady from 1 to 0 and then back to 1.
    The NETLOGON share should appear now.

Site admin alias Labsy
All advice and technical solutions are given in good faith and are intended for people with a clear understanding of the applicable legislation.
I take responsibility exclusively and only for those interventions that I carry out with my own hands.
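
The checks and registry steps from the post as a Windows PowerShell script; this is an added example, not the author's own code. The parameter names `-BurFlags` and `-Apply` and the helper `Get-DcShareState` are hypothetical, and the script assumes an elevated session on the DC with the SYSVOL path used in the post.

```powershell
param(
    [ValidateSet('D4', 'D2')]
    [string]$BurFlags = 'D4',   # D4 = authoritative, D2 = non-authoritative
    [switch]$Apply              # hypothetical switch: without it, report only
)
$domainDir = 'C:\Windows\SYSVOL\domain'
# The key name "Backup/Restore" contains a forward slash, which the PowerShell
# registry provider treats as a path separator, so keys are opened through .NET.
$frsPath = 'SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup'
$nlPath  = 'SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
$hklm    = [Microsoft.Win32.Registry]::LocalMachine
$dword   = [Microsoft.Win32.RegistryValueKind]::DWord

function Get-DcShareState {   # hypothetical helper name
    $shares = @(Get-WmiObject -Class Win32_Share | ForEach-Object { $_.Name })
    $nl = $hklm.OpenSubKey($nlPath)
    New-Object psobject -Property @{
        SYSVOL      = $shares -contains 'SYSVOL'
        NETLOGON    = $shares -contains 'NETLOGON'
        Policies    = Test-Path (Join-Path $domainDir 'Policies')
        Scripts     = Test-Path (Join-Path $domainDir 'Scripts')
        SysVolReady = $nl.GetValue('SysVolReady')
    }
    $nl.Close()
}
$state = Get-DcShareState
$state | Format-List
if (-not $Apply) { return }

# D4 offers the local content to the other DCs, so it must already be restored.
if ($BurFlags -eq 'D4' -and -not ($state.Policies -and $state.Scripts)) {
    throw "Policies/Scripts missing under $domainDir. Restore from backup first."
}
if (-not $state.SYSVOL) {
    Stop-Service -Name NtFrs
    $frs = $hklm.OpenSubKey($frsPath, $true)          # $true = writable
    $frs.SetValue('BurFlags', [Convert]::ToInt32($BurFlags, 16), $dword)
    $frs.Close()
    Start-Service -Name NtFrs
}
$state = Get-DcShareState
# Flip SysVolReady only when NETLOGON is still missing and content exists.
if (-not $state.NETLOGON -and $state.Policies -and $state.Scripts) {
    $nl = $hklm.OpenSubKey($nlPath, $true)
    $nl.SetValue('SysVolReady', 0, $dword)
    $nl.SetValue('SysVolReady', 1, $dword)
    $nl.Close()
}
Get-DcShareState | Format-List
```

Run it once without `-Apply` to see the current state; if the shares have not appeared right after an `-Apply` run, run it again without `-Apply` a little later to re-check.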
