Missing SYSVOL and NETLOGON during migration

I have had a crazy week so far. One of the issues that has bugged me this week was missing SYSVOL and NETLOGON shares and missing domain data after a new domain controller was added to the domain during migrations.

I first ran into this problem 3 years ago, when I was performing one of my first Swing migrations. I had shut down a server too soon, and as a result, the replica sets were incorrecty synchronized. In that case, I didn’t know what hit me. After I swung the DC back to the target new server, the entire AD crashed. There was no recovery, and I had to restore the server to it’s original state. When I reworked the Swing Migration weeks later, this error did not occur. I made a note on my Swing Migration worksheet, and did not come across this issue again . . . until Monday.

In the first case, I was trying to salvage the AD for a SBS2000 server which had lost the RAID and was barely functional. Just enough to get started. I quickly fixed up a Win2003 server and joined it to domain with the purpose of giving some backup to the AD in preparation for a Swing Migration.

Everything went according to plan, and the AD appeared to have transfered across. I did one last check according to my notes, which I have compiled over the past 4 years, and hit a snag which I had not seen for about 3 years. The SYSVOL and NETLOGON shares were not present on the new DC. Looking further, C:\WINDOWS\SYSVOL\sysvol\domain.name was empty. It should have 2 very important folders – Policies and Scripts. Without this, the AD would crash if the main DC were no longer operational.

In this instance, time was short, and I had to let this one go. We had to rebuild a new domain and reset all the workstations and data.

Today, as I was preparing a new SBS2008 server for migration, I found the same situation. The SBS2008 installation had completed and this new server was fully operational. Being paranoid, I checked, and there was the problem again!

After some searching, I finally found an old Microsoft Knowledge Base article KB290762 (http://support.microsoft.com/kb/290762/) – Using the BurFlags registry key to reinitialize File Replication Service replica sets.

I ran the Authoritative FRS restore procedure using the D4 flag on the old server.

  1. Click Start, and then click Run.
  2. In the Open box, type cmd and then press ENTER.
  3. In the Command box, type net stop ntfrs.
  4. Click Start, and then click Run.
  5. In the Open box, type regedit and then press ENTER.
  6. Locate the following subkey in the registry:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
  7. In the right pane, double click BurFlags.
  8. In the Edit DWORD Value dialog box, type D4 and then click OK.
  9. Quit Registry Editor, and then switch to the Command box.
  10. In the Command box, type net start ntfrs.
  11. Quit the Command box.

Then I ran the nonauthoritative restore process using the D2 flag on the SBS2008 server.

  1. Click Start, and then click Run.
  2. In the Open box, type cmd and then press ENTER.
  3. In the Command box, type net stop ntfrs.
  4. Click Start, and then click Run.
  5. In the Open box, type regedit and then press ENTER.
  6. Locate the following subkey in the registry:
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
  7. In the right pane, double-click BurFlags.
  8. In the Edit DWORD Value dialog box, type D2 and then click OK.
  9. Quit Registry Editor, and then switch to the Command box.
  10. In the Command box, type net start ntfrs.
  11. Quit the Command box.

Bingo, the folders were recreated, and the shares appeared! An answer to a 3 year old question.

24 thoughts on “Missing SYSVOL and NETLOGON during migration”

  1. I want thank you a lot, I am actually in a migration and have the same problems your solution resolve it perfectly

    Best regards

  2. I was concerned when the article you referenced didn’t include 2008 in the “Applies To” section, but it did absolutely work for me. Thanks so much!

  3. Thank you!!! We had a 2003 sbs to 2012 Essentials migration that was failing on this same step. The process worked like a champ!

  4. Thank you!!! We had 2003R2 Standard to 2012R2 Essentials migration. I have the same problem and billions of useless words from Microsoft gurus in technet, social and so on. Your effort and lost time were not in vain :). Thanks again.

    1. It is a domain AD sync issue, so it assumes that you have another domain controller operational and users will not be affected. Also, it should happen without requiring a reboot.

  5. haha worked like a charm. SBS2003 to 2012 R2, did according to several articles but encountered this issue. You deserve a payrise!

  6. Hi,

    thank you so much for this simple plan, it just helped me for a migration from a 2003 std to 2012 R2 std. HHHHAAARRRRDDDD !

    Thanks GOD !

    alig0r

  7. Thanks a lot for your help.

    I had the same problem migrating from 2003R2 to 2012R2.

    This “how to” fixed the problem.

    Thanks!!!

  8. Thanks! Just did this on a 2016 swing migration. I installed two DCs ( windows 2016 ) and BOTH failed to replicate! I added the registry key as instructed on one of the old DCs, restarted the ntfrs service and waited. Came back and both of the new 2016 DCs had their netvol and sysvol shares and everything was synced! I didnt have to do the second step, but that might be because i waited.

Leave a Reply

Your email address will not be published. Required fields are marked *

Solve the Equation to continue * Time limit is exhausted. Please reload CAPTCHA.