Windows 10: Fix: Missing Sysvol and Netlogon after domain controller promotion

Discus and support Fix: Missing Sysvol and Netlogon after domain controller promotion in Windows 10 Tutorials to solve the problem; Many cases I found an issue with the newly promoted domain controller is missing the SYSVOL and NETLOGON shares. Most of the cases it would also be a... Discussion in 'Windows 10 Tutorials' started by Noel, Aug 20, 2019.

  1. Noel New Member

    Fix: Missing Sysvol and Netlogon after domain controller promotion


    Many cases I found an issue with the newly promoted domain controller is missing the SYSVOL and NETLOGON shares. Most of the cases it would also be a new domain controller for a new forest. In most cases, you would need to update the flag as below.

    Open Regedit
    Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
    Set SysVolReady from 0 to 1
    Close Regedit

    This will create the SYSVOL share. If the NETLOGON share is not created you would need to create the folder scripts in C:\Windows\SYSVOL\domain\. When this is done, restart the NETLOGON service.

    This is the easy part. In some cases, although the NETLOGON and SYSVOL shares are working, no group policies or scripts are being replicated using the DFS or DFRS.

    We can verify the replication by running the following command.

    For /f %i IN ('dsquery server -o rdn') do @echo %i && @wmic /node:"%i" /namespace:\\root\microsoftdfs path dfsrreplicatedfolderinfo WHERE replicatedfoldername='SYSVOL share' get replicationgroupname,replicatedfoldername,state

    The states should translate as below

    0 = Uninitialized
    1 = Initialized
    2 = Initial Sync
    3 = Auto Recovery
    4 = Normal
    5 = In Error

    In my case, I have noticed that the newly promoted server was showing 2 and the main domain controller was showing “No Instance(s) Available” which is quite strange. Here you would need to look into the original Active Directory server for any problems and you would see a warning on the DFS Replication under Applications with Event ID 2213 as below.

    Fix: Missing Sysvol and Netlogon after domain controller promotion dfsr_1.png

    It says that the DFS Replication service stopped replication on volume C:. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled.

    What we need to do here is from the event viewer take note of the volumeGUID and run the below command and replacing GUID-NUMBER with your GUID.

    wmic /namespace:\\root\microsoftdfs path dfsrVolumeConfig where volumeGuid="GUID-NUMBER" call ResumeReplication

    This will restart the replication and recreate the database. This can be seen with an event with ID 2214 saying The DFS Replication service successfully recovered from an unexpected shutdown on volume C:.This can occur if the service terminated abnormally (due to a power loss, for example) or an error occurred on the volume. No user action is required.

    If you run the command to see the state of the replication you will see that the servers are all showing state 4 as below and the both Sysvol and Netlogon will be replicated.

    Fix: Missing Sysvol and Netlogon after domain controller promotion dfsr_3.png

    (0)

    read more...
     

  2. Windows 10 cannot be access Sysvol & Netlogon folder on the server 2012 r2

    We are using, Windows 10 Professsional and Windows 8.1 Professional software, on the our clients. Out Domain controller server version is Windows Server 2012 R2 Standart.

    But, we have a problem, cannot be access to, shared system folder, "Netlogon & Sysvol" with Windows 10 Professional client Pc.

    We able to Access this same username on the Windows 8.1 Professional client.

    Could you Help me please?

    HAKAN ÖNCEL
     
    HakanOncel, Aug 20, 2019
    #2
  3. changari Win User
    Raising the windows domain and forest issues?


    hi,

    I run a domain that was all 2003 r2 servers. I recently upgraded all my domain controllers to windows 2012 r2.
    That went off without any problems.. Our trust relationships had no issues also.

    My first step was to raise the Domain and Forest levels past 2003 to 2008. This went off without a hitch.
    These are the features for raising the levels to 2008:

    • Features and benefits include all default Active Directory features, all features from the Windows Server 2003 domain functional level, plus:
    • Read-Only Domain Controllers – Allows implementation of domain controllers that only host read-only copy of NTDS database.
    • Advanced Encryption Services – (AES 128 and 256) support for the Kerberos protocol.
    • Distributed File System Replication (DFSR) – Allows SYSVOL to replicate using DFSR instead of older File Replication Service (FRS). It provides more robust and detailed replication of SYSVOL contents.

    Forest Level Windows Server 2008

    • Features and benefits include all of the features that are available at the Windows Server 2003 forest functional level, but no additional features. All domains that are subsequently added to the forest will operate at the Windows Server 2008 domain functional level by default.


    My next step is to raise the domain and forest to 2008 r2, then 2012, and finally 2012 r2. I have been trying to find out exactly what I could expect from raising the Domain and Forest for each step.

    The step involving 2008 r2 seems relatively a non issue. But getting the couple of new features seem very nice

    Domain Level Windows Server 2008 R2

    • All default Active Directory features, all features from the Windows Server 2008 domain functional level, plus 2 new features

    Forest Level Windows Server 2008 R2

    • All of the features that are available at the Windows Server 2003 forest functional level, plus the following features:


    • Active Directory Recycle Bin, which provides the ability to restore deleted objects in their entirety while AD DS is running. <== New Feature very cool
    • All domains subsequently added to the forest will operate at the Windows Server 2008 R2 domain functional level by default.

    Here is my big concerns for the next raising of domain and forest to 2012.

    Forest Level Windows Server 2012:

    • All of the features that are available at the Windows Server 2008 R2 forest functional level, but no additional features.
    • All domains subsequently added to the forest will operate at the Windows Server 2012 domain functional level by default.

    Domain Level Windows Server 2012 R2: <=====
    Need to investigate more and why this post

    • DC-side protections for Protected Users. Protected Users authenticating to a Windows Server 2012 R2 domain can no longer:


    • Authenticate with NTLM authentication <==============(what issues may arise)
    • Use DES or RC4 cipher suites in Kerberos pre-authentication
    • Be delegated with unconstrained or constrained delegation
    • Renew user tickets (TGTs) beyond the initial 4-hour lifetime


    Will this affect my exchange anywhere users with remote access authenticating either clear of NTLM???
    and what would/may not to work properly day 1 when I raise the domain and forest to 2012. I cant really find anyone that can answer a straight question.

    Has anyone gone through this? what problems did you have, if any , if a lot???

    Any thoughts and suggestions will be much appreciated??

    thanks


    - - - Updated - - -

    One more point... I am not sure if I posted this to the correct forum.. So if I was wrong and it should be in a different one..
    PLEASE LET ME KNOW
     
    changari, Aug 20, 2019
    #3
  4. sammy Win User

    Fix: Missing Sysvol and Netlogon after domain controller promotion

    Question:- How to add client to domain from domain controller side?

    Hi Guys,

    -I have domain called lab.com created on virtual machine Windows Server 2008
    -I have added a client machine Linux machine rhel6 to domain lab.com in /etc/host file
    -I am able to ping DC from linux machine by IP and hostname .
    But from DC I can only ping Linux machine by IP address and not by its hostname "rhel61.lab.com"

    I don't want to add linux machine entry to DC's hosts file as it is DC so it should resolve it

    But I wish to know what step or doings I am missing from DC side that I am not able to ping linux machine by its hostname.

    Please suggest.

    Thanks.
     
    sammy, Aug 20, 2019
    #4
Thema:

Fix: Missing Sysvol and Netlogon after domain controller promotion

Loading...
  1. Fix: Missing Sysvol and Netlogon after domain controller promotion - Similar Threads - Fix Missing Sysvol

  2. Domain Controller Failed Test Advertising

    in Windows 10 Installation and Upgrade
    Domain Controller Failed Test Advertising: Hi Guys, I have created a secondary (backup) domain controller and successfully managed to promote it. However, It doesn't contain netlogon directories. On running DCDIAG command, I get the following output. Notes: The current primary DC is running Windows Server 2003...
  3. Missing domain for Workgroup

    in Windows 10 Customization
    Missing domain for Workgroup: I have put my comuter into a Workgroup but it doesn't have a domain. I don't know how to create or find a domain for the Workgroup, This is causing me problems with Windows. What do you think I am missing here, and how would I correct it in your opinion? Thanks!...
  4. "Join a domain" option missing?

    in Windows 10 Network and Sharing
    "Join a domain" option missing?: We are moving from a Win7 fleet to Win10 (pro). We have encountered an issue where we are unable to connect to our domain with the new PCs. From what I understand, under Settings>system>about there should be a "join a domain" option. This option does not exist for us, and...
  5. Volume Control Fix?

    in Windows 10 Drivers and Hardware
    Volume Control Fix?: A previous question had been posted regarding the volume control icon on the taskbar not working. The applicable part of the reply was this: "If you are facing this issue with Volume Control using the speaker icon in the taskbar, try Uninstall and re-install sound card...
  6. "Password is incorrect" on domain controller user account

    in User Accounts and Family Safety
    "Password is incorrect" on domain controller user account: I received a new laptop at work to install Windows 10 Pro on. It previously had Windows 8 Home but I did a clean install of Windows 10 and upgraded it to Pro using a valid key. The issue I'm facing now is that when I try to login, I get the "Password is incorrect issue" many...
  7. Tile menu missing after trying to fix it

    in Windows 10 Software and Apps
    Tile menu missing after trying to fix it: Hi, two days ago the calculator and windows store disappeared. I could not even open them via the web store. So I followed the powershell commands that are shown here: Store - Re-register in Windows 10 After doing that and rebooting, my start menu now looks like...
  8. Nvidia Control Panel missing

    in Windows 10 Graphic Cards
    Nvidia Control Panel missing: I know there are a lot of old threads on this, but I've not seen an actual answer to this and it's been bugging me for over a year ever since I completely de-installed Nvidia from my Win 10-64 system due to apparent failure to upgrade to new drivers and getting a popup...
  9. Group Policy from a 2008R2 Domain Controller

    in Windows 10 Support
    Group Policy from a 2008R2 Domain Controller: We are in the process of rolling out Windows 10 workstations in our company and want to utilize some of the Advanced Audit Policy Configuration settings but we noticed that the Windows 10 specific settings are missing (more specifically, Audit PNP Activity). Is there any way...
  10. Missing control panel

    in Windows 10 Support
    Missing control panel: I am unable to find my Control Panel today. I see the words control panel when I right click on the menu after clicking on the start button. But nothing happens. It does not open. I have been researching it all day but to no avail. I am using an Acer laptop and I updated to...

Users found this page by searching for:

  1. windows server no sysvol or netlogon

    ,
  2. netlogon folder path missing