Active Directory Replication Servers (wont replicate SYSVOL and NETLOGON Not showing)

Similar Messages

• FYI: Testing Active Directory Replication Latency/Convergence Through PowerShell (Update 2)

  see:
  (2014-02-01) Testing Active Directory Replication Latency/Convergence Through PowerShell (Update
  2)
  Jorge de Almeida Pinto [MVP-DS] | Principal Consultant | BLOG: http://jorgequestforknowledge.wordpress.com/

  Might that link has been been broken.Here is the link
  http://jorgequestforknowledge.wordpress.com/2014/02/01/testing-active-directory-replication-latencyconvergence-through-powershell-update-2/
  Nice Jorge. Thanks for sharing.
  Regards~Biswajit
  Disclaimer: This posting is provided & with no warranties or guarantees and confers no rights.
  MCP 2003,MCSA 2003, MCSA:M 2003, CCNA, MCTS, Enterprise Admin
  MY BLOG
  Domain Controllers inventory-Quest Powershell
  Generate Report for Bulk Servers-LastBootUpTime,SerialNumber,InstallDate
  Generate a Report for installed Hotfix for Bulk Servers

• Active Directory Replication 2008 R2

  Hi
  We are getting an error as "The following server could not be reached (topology incomplete)"
  Domain Controllers: 2008 R2
  How can we resolve this issue.
  Aravind

  The error message mentions that the server is not reachable.
  You might want to start with checking the basics:
  Check that the faulty DC has its A, CNAME and SRV records properly registered in your DNS system (You can
  NSlookup for checking: http://social.technet.microsoft.com/wiki/contents/articles/29184.nslookup-for-beginners.aspx). If this is not the case then you follow the IP settings recommendation I mentioned here: http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx).
  Once the IP settings are corrected then you can ipconfig /registerdns
  command
  Check that required ports for AD replication are opened between your DCs and are not filtered: http://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
  If none helped then you can temporary disable security software you use on DCs and check again
  The last resort could be to demote the DC and promote it again.
  This posting is provided AS IS with no warranties or guarantees , and confers no rights.
  Ahmed MALEK
  My Website Link
  My Linkedin Profile
  My MVP Profile

• Migration SBS2003 to SBS2008 Active Directory Replication

  I am migrating from SBS2003 server to SBS2008.  I fired up the 2008 server on the network with the 2003 server and started the migration.  I got about 25% progress on the “Expanding and Installing Files” window when I got an error message of “Active Directory Replication is taking longer than expected.  You can choose whether to continue waiting.  If you choose not to wait the migration may fail.  Unless you are sure that replication is working correctly, it is recommended that you continue to wait”.  After waiting three times of 20 minutes each I don’t think it is working.  What are my options?  What can I check for?

  Hi,
  As it is a SBS-related issue, you may wish to post to the SBS newsgroup. This will provide access to others who read the public newsgroups regularly who will either share their knowledge.
  Connect Windows Small Business Server 2008
  http://connect.microsoft.com/SBS08
  Thank you for your understanding and cooperation.
  Miles

• Windows Server 2008 R2 - Active Directory Replication over DynDNS

  Hello,
  I have one server that Windows Server 2008 R2 - Active Directory / DNS
  Now some users shifted to new office with the server
  Some users still in the original place that now don't have ADDS/DNS
  i want to install one replication server in the original place to retrieve AD/DNS form new office via DynDNS
  is that possible of not?
  Best regards,

  Badr, I don't think you want AD replication occurring over the internet - even if that was possible the server would need access to all the SRV records, a records, And all the ports required for communication - See here for an exhaustive list
  http://social.technet.microsoft.com/wiki/contents/articles/584.active-directory-replication-over-firewalls.aspx - I don't think I have to tell you how bad opening all these ports to the internet would be.
  You may want to look at Setting up a vpn or DirectAccess from the original site to the new site. This will give you more security and generally won't cost to much.
  http://technet.microsoft.com/en-us/network/dd420463.aspx
  Another thing that may work for you would be if you setup remote desktop services in the new location and had the original location remote into via a gateway server -
  http://blogs.technet.com/b/windowsserver/archive/2012/05/09/windows-server-2012-remote-desktop-services-rds.aspx as a starting point. With RDS your users would be able to access the new location from anywhere, although there would be upfront costs associated,
  licensing and server being part of them - I don't recommend turning your domain controller into an RDS server.These are just some ideas to help you with your issue

• Active Directory Replication failed

  Hi all,
  I'm deploying lync server 2010 in virtual server.
  My Domain controller is a physical server.
  Windows update restart is done when almost 90% of deployment is completed.
  During enabling users in Lync Server control panel
  I have got an issue after server restart, is active directory replication failed.
  Regards,
  Arun.

  The problem is more related with Domain Controller.
  Please check the event log on Domain Controller.
  You can also refer to the following link to troubleshoot Active Directory Replication Problems:
  http://technet.microsoft.com/en-us/library/cc738415(v=ws.10).aspx
  Lisa Zheng
  TechNet Community Support

• DSGETDCNAME advertising test failing. SYSVOL and NETLOGON shares not replicating. Please help!!!

  Hello all. We are currently running a Windows Server 2003 ADDC as a virtual machine on a Windows Server 2012 host using Hyper-V. We have recently added a second Windows Server 2012 ADDC also as a Hyper-V VM. I promoted the 2k12 to a DC, transferred all FMOS
  roles, and tested AD replication. All AD data was replicated fine. However a DCDIAG (the results of which I have attached to this post) show a few errors.
  First off, it is failing the advertising test. This is more than likely due to a DNS error. Unfortunately, I can not seem to find the error within the DNS to resolve it. 
  Secondly, it is failing the KccEvent test; also seeming as a DNS related error.
  Thirdly, both SYSVOL and NETLOGON shares were not successfully replicated. This is likely the basis for the other issues. Without these successfully replicated, I can not demote the 2K3 server; which is the goal in the end, to replace the old server with
  the new. 
  I am willing to try just about anything, so any suggestions would be greatly appreciated. As for what I have tried, I have tried a non-authoritative restore using burr flags with no success. I CAN ping both DCs from each other ensuring connectivity. All
  users can currently log on to the server (due to the fact that the 2K3 server is still running and still holds the SYSVOL and NETLOGON shares).
  Once again, any help would be greatly appreciated! Thank you in advance!
  DCDIAG Output:
  Directory Server Diagnosis
  Performing initial setup:
  Trying to find home server...
  Home Server = RETIRED2012
  * Identified AD Forest.
  Done gathering initial info.
  Doing initial required tests
  Testing server: Default-First-Site\RETIRED2012
  Starting test: Connectivity
  ......................... RETIRED2012 passed test Connectivity
  Doing primary tests
  Testing server: Default-First-Site\RETIRED2012
  Starting test: Advertising
  Warning: DsGetDcName returned information for
  \\retired1.RetireFirst.local, when we were trying to reach
  RETIRED2012.
  SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
  ......................... RETIRED2012 failed test Advertising
  Starting test: FrsEvent
  There are warning or error events within the last 24 hours after the
  SYSVOL has been shared. Failing SYSVOL replication problems may cause
  Group Policy problems.
  ......................... RETIRED2012 passed test FrsEvent
  Starting test: DFSREvent
  ......................... RETIRED2012 passed test DFSREvent
  Starting test: SysVolCheck
  ......................... RETIRED2012 passed test SysVolCheck
  Starting test: KccEvent
  An error event occurred. EventID: 0xC0000827
  Time Generated: 08/09/2013 22:08:34
  Event String:
  Active Directory Domain Services could not resolve the following DNS host name of the source domain controller to an IP address. This error prevents additions, deletions and changes in Active Directory Domain Services from replicating between one or more domain controllers in the forest. Security groups, group policy, users and computers and their passwords will be inconsistent between domain controllers until this error is resolved, potentially affecting logon authentication and access to network resources.
  A warning event occurred. EventID: 0x80000677
  Time Generated: 08/09/2013 22:10:02
  Event String:
  Active Directory Domain Services attempted to communicate with the following global catalog and the attempts were unsuccessful.
  An error event occurred. EventID: 0xC0000466
  Time Generated: 08/09/2013 22:10:06
  Event String:
  Active Directory Domain Services was unable to establish a connection with the global catalog.
  ......................... RETIRED2012 failed test KccEvent
  Starting test: KnowsOfRoleHolders
  ......................... RETIRED2012 passed test KnowsOfRoleHolders
  Starting test: MachineAccount
  ......................... RETIRED2012 passed test MachineAccount
  Starting test: NCSecDesc
  ......................... RETIRED2012 passed test NCSecDesc
  Starting test: NetLogons
  Unable to connect to the NETLOGON share! (\\RETIRED2012\netlogon)
  [RETIRED2012] An net use or LsaPolicy operation failed with error 67,
  The network name cannot be found..
  ......................... RETIRED2012 failed test NetLogons
  Starting test: ObjectsReplicated
  ......................... RETIRED2012 passed test ObjectsReplicated
  Starting test: Replications
  ......................... RETIRED2012 passed test Replications
  Starting test: RidManager
  ......................... RETIRED2012 passed test RidManager
  Starting test: Services
  ......................... RETIRED2012 passed test Services
  Starting test: SystemLog
  A warning event occurred. EventID: 0x00001695
  Time Generated: 08/09/2013 22:06:48
  Event String:
  Dynamic registration or deletion of one or more DNS records associated with DNS domain 'RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
  A warning event occurred. EventID: 0x000003F6
  Time Generated: 08/09/2013 22:06:49
  Event String:
  Name resolution for the name _ldap._tcp.Default-First-Site._sites.dc._msdcs.RetireFirst.local. timed out after none of the configured DNS servers responded.
  A warning event occurred. EventID: 0x00001696
  Time Generated: 08/09/2013 22:07:44
  Event String:
  Dynamic registration or deregistration of one or more DNS records failed with the following error:
  A warning event occurred. EventID: 0x000003F6
  Time Generated: 08/09/2013 22:07:51
  Event String:
  Name resolution for the name retired1.RetireFirst.local timed out after none of the configured DNS servers responded.
  A warning event occurred. EventID: 0x00001695
  Time Generated: 08/09/2013 22:08:23
  Event String:
  Dynamic registration or deletion of one or more DNS records associated with DNS domain 'DomainDnsZones.RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
  A warning event occurred. EventID: 0x00001695
  Time Generated: 08/09/2013 22:08:35
  Event String:
  Dynamic registration or deletion of one or more DNS records associated with DNS domain 'ForestDnsZones.RetireFirst.local.' failed. These records are used by other computers to locate this server as a domain controller (if the specified domain is an Active Directory domain) or as an LDAP server (if the specified domain is an application partition).
  An error event occurred. EventID: 0x0000041E
  Time Generated: 08/09/2013 22:08:45
  Event String:
  The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
  An error event occurred. EventID: 0x00000423
  Time Generated: 08/09/2013 22:08:53
  Event String:
  The DHCP service failed to see a directory server for authorization.
  A warning event occurred. EventID: 0x000003F6
  Time Generated: 08/09/2013 22:10:04
  Event String:
  Name resolution for the name isatap timed out after none of the configured DNS servers responded.
  A warning event occurred. EventID: 0x000003F6
  Time Generated: 08/09/2013 22:10:08
  Event String:
  Name resolution for the name e45ad288-70ff-4d9e-adf9-3035e459e126._msdcs.RetireFirst.local timed out after none of the configured DNS servers responded.
  A warning event occurred. EventID: 0x000003F6
  Time Generated: 08/09/2013 22:10:21
  Event String:
  Name resolution for the name _ldap._tcp.Default-First-Site._sites.dc._msdcs.RetireFirst.local. timed out after none of the configured DNS servers responded.
  An error event occurred. EventID: 0x00000423
  Time Generated: 08/09/2013 22:11:14
  Event String:
  The DHCP service failed to see a directory server for authorization.
  An error event occurred. EventID: 0x0000041E
  Time Generated: 08/09/2013 22:13:45
  Event String:
  The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.
  ......................... RETIRED2012 failed test SystemLog
  Starting test: VerifyReferences
  ......................... RETIRED2012 passed test VerifyReferences
  Running partition tests on : ForestDnsZones
  Starting test: CheckSDRefDom
  ......................... ForestDnsZones passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... ForestDnsZones passed test
  CrossRefValidation
  Running partition tests on : DomainDnsZones
  Starting test: CheckSDRefDom
  ......................... DomainDnsZones passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... DomainDnsZones passed test
  CrossRefValidation
  Running partition tests on : Schema
  Starting test: CheckSDRefDom
  ......................... Schema passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... Schema passed test CrossRefValidation
  Running partition tests on : Configuration
  Starting test: CheckSDRefDom
  ......................... Configuration passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... Configuration passed test CrossRefValidation
  Running partition tests on : RetireFirst
  Starting test: CheckSDRefDom
  ......................... RetireFirst passed test CheckSDRefDom
  Starting test: CrossRefValidation
  ......................... RetireFirst passed test CrossRefValidation
  Running enterprise tests on : RetireFirst.local
  Starting test: LocatorCheck
  ......................... RetireFirst.local passed test LocatorCheck
  Starting test: Intersite
  ......................... RetireFirst.local passed test Intersite

  Thank you for your response first of all! And in response:
  1. "Retired1" is the 2k3 ADDC / DNS Server. It currently has a different IP than the 2K12 Server. Verified with ipconfig/all.
  2. I set 2K12 to only 2K3 for DNS; no external ISP servers or itself listed. Registered DNS, restarted netlogon; no success.
  3. ipconfig/all for 2K12 server here:
  Windows IP Configuration
  Host Name . . . . . . . . . . . . : RETIRED2012
  Primary Dns Suffix . . . . . . . : RetireFirst.local
  Node Type . . . . . . . . . . . . : Hybrid
  IP Routing Enabled. . . . . . . . : No
  WINS Proxy Enabled. . . . . . . . : No
  DNS Suffix Search List. . . . . . : RetireFirst.local
  Ethernet adapter Ethernet:
  Connection-specific DNS Suffix . :
  Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter
  Physical Address. . . . . . . . . : 00-15-5D-01-33-0A
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  Link-local IPv6 Address . . . . . : fe80::8159:4f0c:4071:d780%12(Preferred)
  IPv4 Address. . . . . . . . . . . : 172.21.69.246(Preferred)
  Subnet Mask . . . . . . . . . . . : 255.255.255.192
  Default Gateway . . . . . . . . . : 172.21.69.250
  DHCPv6 IAID . . . . . . . . . . . : 251663709
  DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-74-BE-C0-00-15-5D-01-33-0A
  DNS Servers . . . . . . . . . . . : 172.21.69.240
  NetBIOS over Tcpip. . . . . . . . : Enabled
  Tunnel adapter isatap.{8317BEC2-079A-4846-B6B2-1AE3E2784691}:
  Media State . . . . . . . . . . . : Media disconnected
  Connection-specific DNS Suffix . :
  Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
  Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
  DHCP Enabled. . . . . . . . . . . : No
  Autoconfiguration Enabled . . . . : Yes
  4. The 2K12 is a GC; yes.
  Thanks again and hopefully we can work this out!
  Seems like you have/had a server named "retired1" with the same IP address as the new 2012 server? (if this is a old server) remove all references to it in DNS
  Make sure that on the 2012 server in the TCP/IP DNS Settings, you only point to the 2003 DC for DNS (Not it self for now, and no external ISP DNS servers) - Run ipconfig /registerdns and restart the netlogon service on the 2012 server.
  Can you post and unedited output of ipconfig /all from the 2012 server?
  Did you make the 2012 server a global catalog? (if not I would recommend that)http://support.microsoft.com/kb/296882
  Seems like you have/had a server named "retired1" with the same IP address as the new 2012 server? (if this is a old server) remove all references to it in DNS
  Make sure that on the 2012 server in the TCP/IP DNS Settings, you only point to the 2003 DC for DNS (Not it self for now, and no external ISP DNS servers) - Run ipconfig /registerdns and restart the netlogon service on the 2012 server.
  Can you post and unedited output of ipconfig /all from the 2012 server?
  Did you make the 2012 server a global catalog? (if not I would recommend that)http://support.microsoft.com/kb/296882
  Seems like you have/had a server named "retired1" with the same IP address as the new 2012 server? (if this is a old server) remove all references to it in DNS
  Make sure that on the 2012 server in the TCP/IP DNS Settings, you only point to the 2003 DC for DNS (Not it self for now, and no external ISP DNS servers) - Run ipconfig /registerdns and restart the netlogon service on the 2012 server.
  Can you post and unedited output of ipconfig /all from the 2012 server?
  Did you make the 2012 server a global catalog? (if not I would recommend that)http://support.microsoft.com/kb/296882

• Want to modify sysvol and netlogon share permissions

  HI all,
  As per security concern we need to remove the everyone from share permission on SYSVOL and NETLOGON share.......can anyone provide me the suggesstion for the same...or any documented article which says that how to do it or what precaution showld we take....
  Or if the permission is by design has any document or Kb article which says the permission should not be changed.
  Appreciate any help.
  Thanks........
  Ahmed Gaziyani Enterprise Admin.

  Hello,
  If you remove such permission then you will have issues in appliance of group policies and netlogon scripts on your users. Users should have at least read permission on the SYSVOL folder so that group policies and netlogon scripts will be applied.
  More if you ask them here: http://social.technet.microsoft.com/Forums/en-US/winserverGP/threads
  This
  posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  Microsoft Student
  Partner 2010 / 2011
  Microsoft Certified
  Professional
  Microsoft Certified
  Systems Administrator: Security
  Microsoft Certified
  Systems Engineer: Security
  Microsoft Certified
  Technology Specialist: Windows Server 2008 Active Directory, Configuration
  Microsoft Certified
  Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
  Microsoft Certified
  Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
  Microsoft
  Certified Technology Specialist: Windows 7, Configuring
  Microsoft
  Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
  Microsoft Certified
  IT Professional: Enterprise Administrator
  Microsoft Certified IT Professional: Server Administrator
  Microsoft Certified Trainer

• Can't see the SYSVOL and NETLOGON folder into newly migrated server

  Hi,
  I have recently promoted and migrated FSMO role to my new Additional Domain controller but after migration I can't see SYSVOL and NETLOGON folder into new domain controller. Even I can't add any backup domain controller to newly migrated domain controller.
  Regard;
  Jitendra Gautam

  Hi
  How much time it should take to advertise because it become more than 20 days after promotion of new DC. When I run dcdiag and I found that :
  Directory Server Diagnosis
  Performing initial setup:
     Trying to find home server...
     Home Server = NEWDC
     * Identified AD Forest.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\NEWDC
        Starting test: Connectivity
           ......................... NEWDC passed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\NEWDC
        Starting test: Advertising
           Warning: DsGetDcName returned information for
           \\OLD DC.domain.name, when we were trying to reach
           NEWDC.
           SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
           ......................... NEWDC failed test Advertising
        Starting test: FrsEvent
           ......................... NEWDC passed test FrsEvent
        Starting test: DFSREvent
           There are warning or error events within the last 24 hours after the
           SYSVOL has been shared.  Failing SYSVOL replication problems may cause
           Group Policy problems.
           ......................... NEWDC failed test DFSREvent
        Starting test: SysVolCheck
           ......................... NEWDC passed test SysVolCheck
        Starting test: KccEvent
           ......................... NEWDC passed test KccEvent
        Starting test: KnowsOfRoleHolders
           ......................... NEWDC passed test KnowsOfRoleHolders
        Starting test: MachineAccount
           ......................... NEWDC passed test MachineAccount
        Starting test: NCSecDesc
           ......................... NEWDC passed test NCSecDesc
        Starting test: NetLogons
           Unable to connect to the NETLOGON share! (\\NEWDC\netlogon)
           [NEWDC] An net use or LsaPolicy operation failed with error 67,
           The network name cannot be found..
           ......................... NEWDC failed test NetLogons
        Starting test: ObjectsReplicated
           ......................... NEWDC passed test ObjectsReplicated
        Starting test: Replications
           ......................... NEWDC passed test Replications
        Starting test: RidManager
           ......................... NEWDC passed test RidManager
        Starting test: Services
           ......................... NEWDC passed test Services
        Starting test: SystemLog
           An error event occurred.  EventID: 0xC00010DF
              Time Generated: 10/07/2014   17:11:03
              Event String:
              A duplicate name has been detected on the TCP network.  The IP addre
  ss of the computer that sent the message is in the data. Use nbtstat -n in a com
  mand window to see which name is in the Conflict state.
           An error event occurred.  EventID: 0xC00010DF
              Time Generated: 10/07/2014   17:14:13
              Event String:
              A duplicate name has been detected on the TCP network.  The IP addre
  ss of the computer that sent the message is in the data. Use nbtstat -n in a com
  mand window to see which name is in the Conflict state.
           An error event occurred.  EventID: 0xC00010DF
              Time Generated: 10/07/2014   17:15:31
              Event String:
              A duplicate name has been detected on the TCP network.  The IP addre
  ss of the computer that sent the message is in the data. Use nbtstat -n in a com
  mand window to see which name is in the Conflict state.
           An error event occurred.  EventID: 0xC00010DF
              Time Generated: 10/07/2014   17:15:42
              Event String:
              A duplicate name has been detected on the TCP network.  The IP addre
  ss of the computer that sent the message is in the data. Use nbtstat -n in a com
  mand window to see which name is in the Conflict state.
           An error event occurred.  EventID: 0xC00010DF
              Time Generated: 10/07/2014   17:17:27
              Event String:
              A duplicate name has been detected on the TCP network.  The IP addre
  ss of the computer that sent the message is in the data. Use nbtstat -n in a com
  mand window to see which name is in the Conflict state.
           An error event occurred.  EventID: 0xC00010DF
              Time Generated: 10/07/2014   17:53:35
              Event String:
              A duplicate name has been detected on the TCP network.  The IP addre
  ss of the computer that sent the message is in the data. Use nbtstat -n in a com
  mand window to see which name is in the Conflict state.
           An error event occurred.  EventID: 0xC0001B61
              Time Generated: 10/07/2014   17:54:39
              Event String:
              A timeout was reached (30000 milliseconds) while waiting for the Fil
  e Replication service to connect.
           An error event occurred.  EventID: 0xC0001B61
              Time Generated: 10/07/2014   17:54:44
              Event String:
              A timeout was reached (30000 milliseconds) while waiting for the Fil
  e Replication service to connect.
           An error event occurred.  EventID: 0xC0001B61
              Time Generated: 10/07/2014   17:55:40
              Event String:
              A timeout was reached (30000 milliseconds) while waiting for the Fil
  e Replication service to connect.
           An error event occurred.  EventID: 0xC0001B61
              Time Generated: 10/07/2014   17:55:53
              Event String:
              A timeout was reached (30000 milliseconds) while waiting for the Fil
  e Replication service to connect.
           ......................... NEWDC failed test SystemLog
        Starting test: VerifyReferences
           ......................... NEWDC passed test VerifyReferences
     Running partition tests on : DomainDnsZones
        Starting test: CheckSDRefDom
           ......................... DomainDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... DomainDnsZones passed test
           CrossRefValidation
     Running partition tests on : ForestDnsZones
        Starting test: CheckSDRefDom
           ......................... ForestDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... ForestDnsZones passed test
           CrossRefValidation
     Running partition tests on : Schema
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
     Running partition tests on : Configuration
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
     Running partition tests on : domain
        Starting test: CheckSDRefDom
           ......................... domain passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... domain passed test CrossRefValidation
     Running enterprise tests on : domain.name
        Starting test: LocatorCheck
           Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
           A Time Server could not be located.
           The server holding the PDC role is down.
           Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
           1355
           A Good Time Server could not be located.
           ......................... domain.name failed test LocatorCheck
        Starting test: Intersite
           ......................... domain.name passed test Intersite
  And
   "I can't add any backup domain controller..."  means I am not able to join the new ADDC to newly promoted server. But I can join the new
  ADDC to old DC of which the FSMO roles are transferred to new DC .
  I also found that File replication service is disabled while starting it getting the below Error:
  "Error 1053: Ther service did not respond to start or control request in timely fashion"
  Regards;
  Jitendra Gautam

• Sysvol and netlogon

  Hi guys, quick question,
  Is sysvol the same as netlogon, what I mean is if there is a script in sysvol but I didnt put anything in netlogon, will this script be replicated in netlogon folder?
  If yes, so If I delete this script in sysvol, technically will it be deleted in netlogon
  Regards,
  Jeff

  Hi Jeff,
  I agree with Calin.
  The Sysvol folder is shared on an NTFS volume on all the domain controllers in a particular domain. Sysvol is used to deliver the policy and logon scripts to domain members.
   By default sysvol includes 2 folders:
   1.Policies - (Default location - %SystemRoot%\Sysvol\Sysvol\domain_name\Policies)
   2.Scripts - (Default lcation - %SystemRoot%\Sysvol\Sysvol\domain_name\Scripts)
  Script folder under sysvol folder will act as Netlogon share.
  For more detailed information, you can refer to the link below:
  Sysvol and netlogon share importance
  in Active Directory
  Best regards,
  Susie

• SBS2011 Recovered from Missing SYSVOL and NETLOGON; looking for original cause - not restore related

  Call from client that they couldn't login to their shares. Connected to the server and found SYSVOL and NETLOGON missing. This has happened 3 times on this server 2014-01-06, 2014-03-26, and 2014-06-04. Although I have documentation and can restore quickly,
  preventing is out primary goal.
  What are the situation is which tis might happen and possible event log items that can give us a warning that this may take place.

  Searched more for SYSVOL NETLOGON Repeat. I excluded the C:\Windows\sysvol directory from Anti-virus scan to prevent locks. Links are below.Thank you,
  Jefferson Eckert
  Systems Engineer | Inline Computer & Communications
  509.783.5450 ext 158 | [email protected] | http://www.inlinecomputer.com
  Please consider the environment before printing this email
  http://blogs.technet.com/b/instan/archive/2009/07/14/what-happens-in-a-journal-wrap.aspx
  Since the PDC server was in Journal Wrap errors state and new DC was not having sysvol share avaialbe to fix the issue you need to first take the backup of sysvol and perfrom D4(authorative restore) and D2(non authorative restore) to fix the issue.http://support.microsoft.com/kb/290762/
  Also your first step should be finding why JRNL_WRAP_ERROR error has occurred. Normally, JRNL_WRAP_ERROR occurs due to drive/partition being corrupted, antivirus locking and corrupting the file during sysvol scan, heavy size of the files inside
  sysvol and netlogon shares.
  Run chkdsk in read only mode for any errors and if issue reported take the backup of server and run chkdsk/f.Exclude the sysvol/nrtds/sysvol from AV scan too.To fix the Journal wrap perfrom authorative restore assuming you have single DC.See below link too.
  what-happens-in-a-journal-:http://blogs.technet.com/b/instan/archive/2009/07/14/what-happens-in-a-journal-wrap.aspx
  Since you have restored the DC to previous state check the health of DC by running dcdiag /q and also check event log for any errors and warning and post the same if any.
  Best Regards,
  Sandesh Dubey.
  MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator |
  My Blog
  Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
  Proposed as answer by
  VenkatSP<abbr class="affil"></abbr> Tuesday, November 20, 2012 2:02 AM

• My ipod nano 5th gen. wont turn on and is not being recognized on my mac or itunes

  my ipod nano 5th gen. wont turn on and is not being recognized on my mac or itunes

  What have you tried so far in terms of troubleshooting?  After leaving the Nano to sit and charge for at least 30 minutes, try resetting it by pressing and holding both the Select/Center and Menu buttons together long enough for the Apple logo to appear. You'll want to make sure the Hold Switch is not in the On position as well.
  B-rock

• Monitor Sysvol and netlogon Share availability on domain controllers

   I need to monitor availability of sysvol and Netlogon shares on all our domain controllers around 20 in all.
  What is the best way for us to do that.
  I have seen scripts that monitor share availability but that would mean i create 40 such 2 times script monitors , that is too much of manual work..
  Any advice.

  I looked into the discovered Inventory (SysVol for windows 2008)  I see all theobjects 
  But the path shows as dc01.domain.com\dc01\sysvol
  However we never get notified when the sysvol share is inaccessible.
  We have had a number of cases when the DC is online but somehow we cant access the sysvol share
  We need a monitor to alert us in such a case;
  I modified the our script to include %computername%  and targeted it to all dC's  group,
  Dim oAPI, oBag
  Set oAPI = CreateObject("MOM.ScriptAPI")
  Set oBag = oAPI.CreatePropertyBag()
  Set objFSO = CreateObject("Scripting.FileSystemObject")
  strFile = "\\%computername%\sysvol\"
  If objFSO.FolderExists(strFile) Then
  Call oBag.AddValue("Status","Exist")
  Call oAPI.Return(oBag)
  Else
  Call oBag.AddValue("Status","NotExist")
  Call oAPI.Return(oBag)
  End If
  However the monitor alerted critical  immediately.
  How should the monitor be.
  I though if i put \\%computername%\sysvol\ in the script and send it to all the DC's group then it will start monitoring as \\dc01\sysvol etc

• Hi, anyone can help me? I can't activated my ip4 after restored n updated and it's showed activation server is temporarily unavailable and the device can't read my SIM card,can someone please help me....thanks

  Hi, anyone can help me? I can't activated my ip4 after restored n updated and it's showed activation server is temporarily unavailable and the device can't read my SIM card,can someone please help me....thanks

  It is 99% hacked/jailbroken iPhone to use a different carrier than intended. You have to put the sim from the original carrier or ask them to unlock the iPhone. We as well as Apple cannot help you with this.

• My phone wont power up and its not the battery or the software as ive updated all the latest versions to my pc, it gets to the apple on power on and switches off? halp!!!

  my phone wont power up and its not the battery or the software as ive updated all the latest versions to my pc, it gets to the apple on power on and switches off? help!!!!

  got no idea me like??