Important: This article is only applicable if SYSVOL data is being replicated using the File Replication Service (FRS). FRS has been deprecated but may still be in use in Active Directory domains that were created with functional levels earlier than Windows Server 2008. To determine whether FRS is in use, run the
dfsrmig /getmigrationstate
command at an elevated command prompt on a DC. If the migration state is "Eliminated," FRS is not in use, and this article is
not applicable.
The SYSVOL folder hierarchy, present on all DCs, is used to store two important sets of data:
- Group Policy template files. These are stored in separate folders beneath \\SYSVOL\<domain>\Policies.
- Logon, logoff, startup, and shutdown scripts used by machines in the domain. These are stored in \\SYSVOL\<domain>\scripts. The scripts folder is itself shared as NETLOGON.
This data is replicated among domain controllers, but SYSVOL replication takes place separately from Active Directory replication. It is possible for one to fail while the other is fully functional. In some situations, SYSVOL replication may fail and be unable to resume without manual intervention. The following steps perform an
authoritative sync of SYSVOL. In an authoritative sync, FRS initializes SYSVOL using the server's own copy of the SYSVOL data, rather than copying the data from another DC. An authoritative sync is necessary if the DC with the most up-to-date copy of the SYSVOL data is the one on which FRS has stopped working. This is implicitly true if there is only one DC in the domain.
The steps for performing a
non-authoritative sync of FRS-replicated SYSVOL data can be found in
How to Perform a Non-Authoritative Sync of SYSVOL Data Using the File Replication Service (FRS).
To perform an authoritative sync of SYSVOL, follow these steps on the affected DC (the DC with the most up-to-date copy of the SYSVOL data):
- Stop the File Replication Service.
- Launch Registry Editor.
- Browse to:
HKLM\CCS\Services\NtFrs\Parameters\Backup/Restore\Process
at Startup
.
- Double-click the
BurFlags
entry and set it to a hexadecimal value of D4.
- Start the File Replication Service.
- Launch Event Viewer and check the File Replication Service event log (located in Applications and Services Logs) for informational event 13516. It may take a few minutes for this event to appear.
- Once event 13516 has appeared, run the
net share
command and confirm the presence of the SYSVOL and NETLOGON shares in the output. The SYSVOL data should not have changed during this procedure.
In a domain with more than one DC, it may be necessary to perform a non-authoritative sync of SYSVOL on one or more of the
other DCs after the authoritative sync has completed. This can be determined by checking the FRS event logs of the other DCs for error or warning events appearing after completion of the authoritative sync. See the link above for information about performing a non-authoritative sync.
The following video demonstrates the authoritative sync procedure:
Authoritative Sync of SYSVOL Data Using FRS
Duration: 06:25