W2K3 Recover of First Child DC
When recovering the FIRST Child DC in a full Forest Recovery Process, the SYSVOL on that server purges itself upon reboot in Normal Mode. The Server was recovered using NT-Backup following usual articles (Non-Authoritative Restore).
Any known reason why SYSVOL would purge itself?
Process Flow:
Recovered Root DC; Seize Roles; Recovered Secondary Root DC; Validated Replication within Root Domain; Recovered First Child DC; Issue!
January 7th, 2011 7:14am
Hi,
This behavior occurs because the File Replication service (FRS) cannot locate a valid replication partner to synchronize the Sysvol replica set by design.
To fix this behavior, you must designate one domain controller as being authoritative for the Sysvol replica set. If all of the domain controllers in
the domain have been restored, select the primary domain controller emulator flexible single master operations (FSMO) role holder:
1.
Stop the File Replication service on the domain controller.
2.
Start Registry Editor (Regedt32.exe).
3.
Locate and then click the
BurFlags value under the following key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
4.
On the
Edit menu, click DWORD, click
Hex, type D4, and then click
OK.
5.
Quit Registry Editor.
6.
Move data out of the PreExisting folder.
7.
Restart the File Replication Service.
Note: This registry value marks the FRS replica as authoritative for the whole replica set. Set this value on only one replica, and only
to resolve this specific issue. If you configure multiple replicas as authoritative, conflicts and collisions may occur in the replica set.
For more information, please refer to the following Microsoft KB article:
The Sysvol and Netlogon Shares Are Missing After You Restore a Domain Controller from Backup
http://support.microsoft.com/kb/316790
Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Free Windows Admin Tool Kit Click here and download it now
January 10th, 2011 11:36pm
Thanks for the response.
Is it that the First Child DC being restored is automatically the authoratitive SYSVOL? (How can one check?)
Please note, after the Restore, a Metadata Clean-Up is performed so that this First restored DC only knows of itself as the only DC in the Domain. Is there a requirement to set the BurFlag (D4) to the DC to ensure that newly DCPROMO'd additional Child
DC's knows that the restored First Child DC is authoratitive?
January 14th, 2011 7:02am
Hello Arthur_Li, Is there a way to to validate that the first Child DC being restored is the authoratitive SYSVOL volume. Looking to restore a second Child DC, but do not want the data to replicate from second to primary.
Free Windows Admin Tool Kit Click here and download it now
February 8th, 2011 9:32am
Hi,
During nonauthoritative restore, the distributed services on a domain controller are restored from backup media and the restored data is then updated
through normal replication. In short, each restored directory partition is updated with that of its replication partners. Nonauthoritative restore is typically performed when a domain controller has completely failed due to hardware or software problems.
Authoritative restore occurs after nonauthoritative restore has been performed. During authoritative restore, an entire directory, a subtree, or individual
objects can be designated to take precedence over any other instances of those objects on domain controllers. So, through normal replication, the restored domain controller becomes authoritative in relation to its replication partners. Authoritative restore
is typically used to restore a system to a previously known state, for example before Active Directory objects were erroneously deleted.
The global BurFlags registry key contains REG_DWORD values, and is located in the following location in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
The most common values for the BurFlags registry key are:
D2, also known as a nonauthoritative mode restore
D4, also known as an authoritative mode restore
If you want to restore a second Child DC, but do not want the data to replicate from second to primary, you may consider to perform a nonauthoritative
restore. For more information regarding nonauthoritative and authoritative restore, please refer to the following Microsoft KB article:
Using the BurFlags registry key to reinitialize File Replication Service replica sets
http://support.microsoft.com/kb/290762
Regards,Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
February 8th, 2011 8:54pm