If you have ever had issues with NETLOGON or SYSVOL folders not replicating across domain controllers you know that it can be a huge pain in the butt. Whether it be your policy definitions folder not replicating or group policy is just out of sync with the rest of your DCs. It’s an issue that many sysadmins over time have had to overcome however, luckily for me, I was fortunate enough to have had it happen in my lab. My issue was sysvol was not replicating on my 2019 domain controllers so not only did I need to be able to force sysvol replication, I needed to get to the root of the issue to figure out why. Today we’re going to fix sysvol folders not replicating across domain controllers.
I have also posted a video of how to fix domain controller replication at the end of this post for those who prefer to watch the demo 🙂
After checking the event viewer I am across several logs that seemed a bit concerning to me.
Log Name: DFS Replication Source: DFSR Date: 3/25/2020 1:04:30 PM Event ID: 4612 Task Category: None Level: Error Keywords: Classic User: N/A Computer: PAC-DC02.ad.thesysadminchannel.com Description: The DFS Replication service initialized SYSVOL at local path C:\Windows\SYSVOL\domain and is waiting to perform initial replication. The replicated folder will remain in the initial synchronization state until it has replicated with its partner PAC-DC01.ad.thesysadminchannel.com. If the server was in the process of being promoted to a domain controller, the domain controller will not advertise and function as a domain controller until this issue is resolved. This can occur if the specified partner is also in the initial synchronization state, or if sharing violations are encountered on this server or the sync partner. If this event occurred during the migration of SYSVOL from File Replication service (FRS) to DFS Replication, changes will not replicate out until this issue is resolved. This can cause the SYSVOL folder on this server to become out of sync with other domain controllers. Additional Information: Replicated Folder Name: SYSVOL Share Replicated Folder ID: 33B02C74-D5A3-41A7-A1EB-7D526AA4A243 Replication Group Name: Domain System Volume Replication Group ID: 3CA9F092-C1B4-4F46-B276-7FD034A8E03C Member ID: 2AED3E8C-B864-4939-8969-BC747CD672C5 Read-Only: 0 Log Name: DFS Replication Source: DFSR Date: 3/25/2020 1:04:30 PM Event ID: 5002 Task Category: None Level: Error Keywords: Classic User: N/A Computer: PAC-DC02.ad.thesysadminchannel.com Description: The DFS Replication service encountered an error communicating with partner PAC-DC01 for replication group Domain System Volume. Partner DNS address: PAC-DC01.ad.thesysadminchannel.com Optional data if available: Partner WINS Address: PAC-DC01 Partner IP Address: 172.16.10.101 The service will retry the connection periodically. Additional Information: Error: 1753 (There are no more endpoints available from the endpoint mapper.) Connection ID: 3CA9F092-C1B4-4F46-B276-7FD034A8E03C Replication Group ID: FD8F1538-9B92-4EF9-9E8E-E74512BC2149
First things first, we need to determine which domain controller is going to act as the master server. This needs to be the most updated DC in terms of policies because this will overwrite anything and everything that doesn’t match.
An example of this is if you create the policies on DC01, and those policies never replicate to DC02. DC01 is more up to date than DC02 so DC01 should be your master.
Once you have that all set, you can follow the steps in the video.
Fix SYSVOL Folders Not Replicating Across Domain Controllers
Hopefully you found that very useful and now your sysvol replication is working as expected. If you still have doubts, you can check out Microsoft’s Documentation for the official page.
I have tried this and everything else. Here is what happened.
Had vsfs0704 as DC in server 2019 was trying to sync to old dc that was accidentally deleted.
Built a new one in Server 2022 VM50 and connected to the domain. Was able to get all objects, but never able to really sync with vsfs0704. That server was accidentally deleted.
I built another new server vm75 – when I run all the commands, it looks like it syncs successfully. However, logs say differently. For instance, I CAN create objects in VM75 and they WILL appear in VM50. However, group policy files, etc are not syncing as sysvolume is blank on VM75. I also had seized all the FSMO roles on VM50. No matter what I try, I cannot replicate truly VM50 to VM75. Error logs still show BOTH machines trying to replicate with vsfs0704. VM75 is in a constant state of 2 whereas VM50 has a state of 4.
Event logs vm50
Error 5008 The DFS Replication service failed to communicate with partner VSFS0704 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.
Partner DNS Address: VSFS0704
Optional data if available:
——————————————————-
event logs vm75
error 5008
The DFS Replication service failed to communicate with partner VSFS0704 for replication group Domain System Volume. This error can occur if the host is unreachable, or if the DFS Replication service is not running on the server.
Partner DNS Address: VSFS0704.AI.COM
Optional data if available:
Partner WINS Address: VSFS0704
Partner IP Address:
The service will retry the connection periodically.
Additional Information:
Error: 1722 (The RPC server is unavailable.)
Connection ID: 2333389A-218D-48D0-95B2-98883E2B9D22
Replication Group ID: 2641C01E-BE73-44D3-A564-8D7C73AD3DB9
————————————————————-
Error 4612
————————
The DFS Replication service initialized SYSVOL at local path C:\Windows\SYSVOL\domain and is waiting to perform initial replication. The replicated folder will remain in the initial synchronization state until it has replicated with its partner VSFS0704. If the server was in the process of being promoted to a domain controller, the domain controller will not advertise and function as a domain controller until this issue is resolved. This can occur if the specified partner is also in the initial synchronization state, or if sharing violations are encountered on this server or the sync partner. If this event occurred during the migration of SYSVOL from File Replication service (FRS) to DFS Replication, changes will not replicate out until this issue is resolved. This can cause the SYSVOL folder on this server to become out of sync with other domain controllers.
————————-
Any ideas? I do not have domain backup at all.
IF I rebuild from scratch, and I rejoin laptops/PC’s on the domain, will it pick up the desktop settings, etc or will it show the end users a blank desktop?
Thanks!
It is days like this I wish I could solely move to Linux as I find it easier to fix issues than Windows. However, I cannot for the time being 🙁
Thank you – This was my fix as it happened out of nowhere I found when troubleshooting a GPO not applying ~
I thank you so much!
Thank you very very much for this!
Thank you!
Paul, you really helped me out immensely. I’m working with Server 2022 Standard and had 2 DCs (1 was PDC) that I upgraded from 2012R2 and the 3rd DC had to be rebuilt from scratch. Your instructions were spot on for me. Thank you so much!
Outstanding!!! Thanks man, this is my new favorite website
Thank you so much !!!!!!!!!!!!!!
You saved my life !!!! Thanks!!!
Thank you so much, this has helped me fix a big headache in a nice clear and easy to follow way!
Excellent video, clear, concise and fixed the issue!!
How did you simulated this issue on the lab?
I shut down one of my hosts which had a DC on it for months to save on Power. When I turned it back on, replication was all hosed up (as was expected)
Excelllent video. Straight, concise and very well explained.
Excellent video. Replication is now working!
I’ve spent several hours trying lot of stuff to fix this exact problem. I wish I’ve seen your video sooner, it’s simple, with clear directives and most importantly, it fixed the issue.
Many thanks man !
Great video, unfortunately, I followed the steps but still getting an error on the “Master DC” – The DFS Replication service stopped replication on volume C:. This occurs when a DFSR JET database is not shut down cleanly and Auto Recovery is disabled. To resolve this issue, back up the files in the affected replicated folders, and then use the ResumeReplication WMI method to resume replication.
Any ideas?
Great post, thank a lot, you just saved my day 😉
Thanks!! excellent video, made our 3 DCs replicate again. Thank you for posting !!
Thanks! Spent hours on this today and followed an MS article for this process that was slightly different and did not work. Thank you for posting.
Thank you for the excellent video. Did exactly what I wanted 🙂