Kicking NTFRS To Start Replicating After SYSVOL Non-Authoritative Restore

-
Have YOU not had the situation where: 
  • You needed to do a non-auth. restore of AD and the SYSVOL on a DC
    OR 
  • You needed to do a non-auth. of the SYSVOL (BurFlags=D2) on a DC
    AND 
  • That DC was across a site link at another location
    AND 
  • No other DC was available at that other location
    AND 
  • The schedule for the site link was very tight
    AND 
  • The replication window did not start for several hours
    AND 
  • The SYSVOL was empty and the DC did not make the SYSVOL available, because it was waiting for replication to occur
    AND 
  • Your users were complaining all over the place because authentication went over the wire and things were too slow
    AND 
  • You started pulling your hair out
    AND 
  • You needed a beer, but you got none because you were still working (ain’t that a bitch! ;-)) )
    AND 
  • …..etc….etc…etc.. 
Worry no more! 
Right after the non-auth. restore AND the reboot of the DC (IF applicable) 
  • Stop the NTFRS service 
    • Open Command Prompt 
    • NET STOP NTFRS 
  • Execute the CMD file mentioned below 
    • SYSVOL_Seeding_1_CONFIG.CMD (contents – copy/paste – enter own information!!!!) 
      • REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\SysVol Seeding\Domain System Volume (SYSVOL share)" 
      • REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\SysVol Seeding\Domain System Volume (SYSVOL share)" /v "Replica Set Parent" /t REG_SZ /d <FQDN DC WITH HEALTHY SYSVOL THAT IS ALSO USED AS AN INBOUND REPLICATION PARTNER IN SOME CONNECTION OBJECT> /f 
    • REMARK: 
      • <FQDN SOME DC WITH HEALTHY SYSVOL> is the upstream partner (e.g. DC.DOMAIN.LOCAL) that is used to source the SYSVOL from if the registry IS specified 
  • Start the NTFRS service 
    • Open Command Prompt 
    • NET START NTFRS 
  • Execute the CMD file mentioned below 
    • SYSVOL_Seeding_2_REMOVAL.CMD (contents – copy/paste!!!!) 
      • REG DELETE "HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\SysVol Seeding\Domain System Volume (SYSVOL share)" /v "Replica Set Parent" /f 
      • REG DELETE "HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\SysVol Seeding\Domain System Volume (SYSVOL share)" /f 
        REG DELETE "HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\SysVol Seeding\Domain System Volume (SYSVOL share)" /f 
  • Go to the SYSVOL location (NET SHARE to find out where) 
  • See if the "Policies" and "Scripts" folder appear 
  • See if the DC advertises itself again (FRS log) 
    • –> Event ID 13565 and 13516 in the "File Replication Service Event Log" 
  • Go get that beer! 😉 (as soon as you are home of course!) 
More information

Comments

Post a Comment

Popular posts from this blog

Troubleshooting Netlogon Error Codes

-
Image
Quick Reference: Troubleshooting Netlogon Error Codes ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ ★ January 28, 2013   by  Mark Morowczynski [MSFT]   //   24 Comments 0 0 Hi this is Brandon Wilson and today I will be providing you with a quick reference for troubleshooting Netlogon error codes. I say “quick reference” very loosely here, because this is one of those sticky subjects that can easily expand into many more areas and become a very long discussion. So, I’m going to do my best to focus on just the codes and possible solutions for the error codes that are more common to see. Anyone who has dealt with some of these issues knows that some of these outlined areas can lead to huge revenue loss for a business, or at the very least an annoying authentication prompt J I welcome you to leave comments and questions, or suggestions for articles that you as the reader would be interested in seeing us do on AskPFE Platforms ( http://blogs.tech...
Read more

Troubleshooting AD Active Directory Replication Error 8456 or 8457: "The source | destination server is currently rejecting replication requests"

-
Symptoms  This article describes the symptoms, cause, and resolution steps for situations where Active Directory operations fail with error 8456 or 8457: "The source | destination server is currently rejecting replication requests" The DCPROMO promotion of a new domain controller in an existing forest fails with the error "The source server is currently rejecting replication requests."  Dialog title text:    Active Directory Installation Wizard   Dialog message text:   The operation failed because:   Active Directory could not transfer the remaining data in directory partition   to domain controller .  "The source server is currently rejecting replication requests." DCDIAG reports the error "The source server is currently rejecting replication requests" or "The destination server is currently rejecting replication requests." Testing server: Default-First-Site-Name\     ...
Read more

Service Principal Names (SPNs) SetSPN Syntax (Setspn.exe)

-
Image
Service Principal Names (SPNs) SetSPN Syntax (Setspn.exe) Table of Contents SPN Purpose SPN Format SetSPN Viewing or Checking SPN Registrations SPN Registration Errors Related to SPN Registration or Configuration Manually Registering SPNs Troubleshooting SPN Issues Resolving SPN Registration Issues SPN Lookup Errors Delegation External Articles SPN Purpose A service principal name (SPN) is the name by which a Kerberos client uniquely identifies an instance of a service for a given Kerberos target computer. If you install multiple instances of a service on computers throughout a forest, each instance must have its own SPN. A given service instance can have multiple SPNs if there are multiple names that clients might use for authentication. For example, an SPN always includes the name of the host computer on which the service instance is running, so a service instance might register an SPN for each name or alias of its host. ↑  Return to T...
Read more