PowerEdge: Windows Server SYSVOL share is absent from all domain controllers

Summary: If the SYSVOL share is absent from every domain controller (DC) in an Active Directory (AD) domain, AD management consoles may give an error like this: "An Active Directory domain controller (AD DC) for the domain could not be contacted." If Distributed File System Replication (DFSR) is used to replicate SYSVOL data, the issue appears difficult to resolve. An authoritative sync of DFSR cannot be performed without the ADSI Edit console. Fortunately, the issue can be resolved by modifying the registry on the DC with the authoritative copy of SYSVOL. A different registry modification is then performed on the other DCs. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Note: This article is only applicable if Distributed File System Replication (DFSR) is used to replicate SYSVOL data. If the File Replication Service (FRS) is used, the solution given here does not work.

No domain controllers (DCs) in the domain have a SYSVOL share.

Attempting to join a machine to the domain gives the error "An Active Directory domain controller (AD DC) for the domain <domain> could not be contacted."

Active Directory management consoles such as AD Users and Computers may report the same error.

The Group Policy Management Console reports errors indicating that Group Policy objects (GPOs) are missing.

The DFS Replication event logs of all DCs contain error 4612, with the following description:

The DFS Replication service initialized SYSVOL at local path C:\Windows\SYSVOL\domain and is waiting to perform initial replication. The replicated folder will remain in the initial synchronization state until it has replicated with its partner [server]. If the server was in the process of being promoted to a domain controller, the domain controller will not advertise and function as a domain controller until this issue is resolved. [The rest of the event description has been omitted here.]


The server referenced in the error description above is a former DC that has been demoted.

Cause

This issue most commonly occurs if new DCs are promoted in a domain and older DCs demoted without first verifying whether SYSVOL replication is functional. In this situation, SYSVOL data has never been successfully replicated to any DC that is in use and is absent from the domain.

Resolution

Note: The steps given below should only be performed if the SYSVOL share is absent from all domain controllers in the domain. If at least one DC has a SYSVOL share, the AD consoles should be functional when directed at that DC. The normal sync procedure (authoritative or nonauthoritative) should be used instead. These steps are essentially a way to force an authoritative sync of DFS-replicated SYSVOL data without using ADSI Edit.


First, locate the most up-to-date copy of the SYSVOL data. This likely searching current and former domain controllers for the most recent versions of the Group Policy Template files, which are located at %systemroot%\SYSVOL\domain\Policies. It may be necessary to restore this data from a recent backup of a demoted DC, if such a backup is available. (Restore it to a temporary location created for this purpose.)


Stop the DFS Replication service on all DCs. Next, choose a DC to be the authoritative SYSVOL source. (In this case, it does not matter which DC is chosen.) Copy the Policies and scripts folders from the SYSVOL data to %systemroot%\SYSVOL\domain on the authoritative DC.
 

Note: If no copy of the SYSVOL data can be found, the DCGPOFIXThis hyperlink is taking you to a website outside of Dell Technologies. command can be used to re-create the two default GPOs from scratch. Any other GPOs, and any other data that was stored within the SYSVOL hierarchy, must be re-created manually. This command should be used as a last resort.


Launch the Registry Editor (regedit) and browse to HKLM\System\CurrentControlSet\Services\DFSR\Parameters. Right-click the Sysvols subkey and select Export. Save the file in an accessible location. (This file most likely will not be needed, but it serves as a backup of this registry key in case something goes wrong.) Close the Registry Editor.


Copy the following text into Notepad on that DC:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DFSR\Parameters\SysVols\Promoting SysVols]
"Sysvol Information is Committed"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DFSR\Parameters\SysVols\Promoting SysVols\DOMAINNAME]
"Is Primary"=dword:00000001
"Command"="DcPromo"
"Parent Computer"=""
"Replicated Folder Name"="DOMAINNAME"
"Replicated Folder Root"="C:\\Windows\\SYSVOL\\Domain"
"Replicated Folder Root Set"="C:\\Windows\\SYSVOL\\sysvol\\DOMAINNAME"
"Replicated Folder Stage"="C:\\Windows\\SYSVOL\\staging areas\\DOMAINNAME"
"Replication Group Name"="DOMAINNAME"
"Replication Group Type"="Domain"


From the Edit menu in Notepad, select Replace… and replace all instances of DOMAINNAME with the name of the AD domain (for example, ad.mydomain.com). Ensure that the domain name is correct. If necessary, adjust the file paths to reflect the location of the SYSVOL folder on the server. Save the file as Promoting_Sysvols.reg. Be sure to select All Files (*.*) from the Save as type: dropdown list, so that a .txt extension is not appended to the file name.


Right-click the Promoting_Sysvols.reg file and select Merge. Click Yes when prompted. The data in the file should be successfully merged with the DC's registry. Click OK.


Start the DFS Replication service on that DC only. Launch Event Viewer and refresh the DFS Replication event log until event 4602 appears. SYSVOL replication on that DC is now functional, and the output of the net share command should now show SYSVOL and NETLOGON shares.


Do the following on every other DC in the domain:

  1. Launch Registry Editor and browse to HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/DFSR/Parameters/SysVols/Seeding SysVols/[Domain name].
  2. Locate the Parent Computer setting inside this key and set its value to the DNS name of the authoritative DC.
  3. Close the Registry Editor and start the DFS Replication service.
  4. Launch Event Viewer and refresh the DFS Replication event log until event 4604 appears, indicating that initial replication has completed and SYSVOL has been initialized.
  5. Run net share to confirm the presence of SYSVOL and NETLOGON shares.

Affected Products

Microsoft Windows Server 2016, Microsoft Windows Server 2019, Microsoft Windows Server 2022, Microsoft Windows Server 2025, OEMR R440, OEMR R450, OEMR R540, OEMR R550, OEMR R5500, OEMR R640, OEMR R6415, OEMR R650, OEMR R650xs, OEMR R6515, OEMR R6525 , OEMR R660, OEMR R660xs, OEMR R6615, OEMR R6625, OEMR R740, OEMR R740xd, OEMR R740xd2, OEMR R7415, OEMR R7425, OEMR R750, OEMR R750xa, OEMR R750xs, OEMR R7515, OEMR R7525, OEMR R760, OEMR R760xa, OEMR R760XD2, OEMR R760xs, OEMR R7615, OEMR R840, OEMR R860, OEMR R940, OEMR R940xa, OEMR R960, OEMR XR4510c, OEMR XR4520c, OEMR XR5610, OEMR XR8610t, OEMR XR8620t, PowerEdge R440, PowerEdge R450, PowerEdge R540, PowerEdge R550, PowerEdge R640, PowerEdge R6415, PowerEdge R650, PowerEdge R650xs, PowerEdge R6515, PowerEdge R6525, PowerEdge R660, PowerEdge R660xs, PowerEdge R6615, PowerEdge R6625, PowerEdge R740, PowerEdge R740XD, PowerEdge R740XD2, PowerEdge R7415, PowerEdge R7425, PowerEdge R750, PowerEdge R750XA, PowerEdge R750xs, PowerEdge R7515, PowerEdge R7525, PowerEdge R760, PowerEdge R760XA, PowerEdge R760xd2, PowerEdge R760xs, PowerEdge R7615, PowerEdge R7625, PowerEdge R840, PowerEdge R860, PowerEdge R940, PowerEdge R940xa, PowerEdge R960, PowerEdge XR5610, PowerEdge XR8610t, PowerEdge XR8620t ...
Article Properties
Article Number: 000198564
Article Type: Solution
Last Modified: 10 Dec 2025
Version:  7
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.