Share: Home
Force an authoritative and non-authoritative synchronization for DFSR-replicated SYSVOL (Like D2/D4 in FRS) - Syed Khairuddin

Syed Khairuddin

Force an authoritative and non-authoritative synchronization for DFSR-replicated SYSVOL (Like D2/D4 in FRS)

  1. In the ADSIEDIT.MSC tool modify the following distinguished name (DN) value and attribute on each of the domain controllers that you want to make non-authoritative:

    CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=<the server name>,OU=Domain Controllers,DC=<domain>

    msDFSR-Enabled=FALSE

  2. Force Active Directory replication throughout the domain.
  3. Run the following command from an elevated command prompt on the same servers that you set as non-authoritative:

    DFSRDIAG POLLAD

  4. You will see Event ID 4114 and 4008 in the DFSR event log indicating SYSVOL is no longer being replicated.
  5. Optional step: Modify the registry on the domain controller to explicitly specify a source computer for SYSVOL, then restart the DFSR service:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DFSR\Parameters\SysVols\Seeding SysVols

    Value name:  Parent Computer
    Value type: REG_SZ
    Value data: <computer to source from>

    If you do not use this method to specify the source computer, any Active Directory replication partner that has the SYSVOL replicated folder in the NORMAL state could end up being used as the source.

  6. On the same DN from Step 1, set:

    msDFSR-Enabled=TRUE

  7. Force Active Directory replication throughout the domain.

  8. Run the following command from an elevated command prompt on the same servers that you set as non-authoritative:

    DFSRDIAG POLLAD

  9. You will see Event ID 4614 and 4604 in the DFSR event log indicating SYSVOL has been initialized. That domain controller has now done a “D2” of SYSVOL.

 

How to perform an authoritative synchronization of DFSR-replicated SYSVOL (like "D4" for FRS)

  1. In the ADSIEDIT.MSC tool, modify the following DN and two attributes on the domain controller you want to make authoritative:

    CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=<the server name>,OU=Domain Controllers,DC=<domain>

    msDFSR-Enabled=FALSE
    msDFSR-options=1

  2. Force Active Directory replication throughout the domain.
  3. Run the following command from an elevated command prompt on the same server that you set as authoritative:

    DFSRDIAG POLLAD

  4. You will see Event ID 4114 and 4008 in the DFSR event log indicating SYSVOL is no longer being replicated.
  5. On the same DN from Step 1, set:

    msDFSR-Enabled=TRUE

  6. Force Active Directory replication throughout the domain.
  7. Run the following command from an elevated command prompt on the same server that you set as authoritative:

    DFSRDIAG POLLAD

  8. You will see Event ID 4602 in the DFSR event log indicating SYSVOL has been initialized. That domain controller has now done a “D4” of SYSVOL.

http://support.microsoft.com/kb/2218556

Posted: 06-19-2010 1:24 PM by skhairudin | with no comments