RE: Windows Server 2003 service pack 1 issues

Mark,

Still not sure what the "issue" exactly was but option 1 was a sure way to
recover (if you are willing to decommision the old server). I would have to
say that it probably is not a service pack 1 issue as FRS engine in SP1 is
the most stable to date. For the most part here is a brief rundown on FRS...

Frs monitors the NTFS USN Journal which tracks changes to files. The default
sizes contrary to MS KB articles are:

Windows 2000 pre SP4 128 MB
Windows 2000 SP4 512MB
Windows 2003 RTM 128 MB
Windows 2003 SP1 512MB

If FRS replication is broken you will get a journal wrap condition once the
journal fills up. That is why I mentioned option 2 as I had a suspicion that
is what happened. Theoretically, Journal wrap should not occur on a single DC
as it never needs to replicate the files but I have seen it happen...

It would be impossible to say what the issue really was with any certainty
without looking at the events logs and FRS Diag logs. Troubleshooting FRS is
probably the biggest pain in the next because there are a lot of varaibles
and problems. It is cery evident if you go to support.microsoft.com and
search on FRS - you will get quite a few KB articles. If you are interested
in the inner workings of FRS refer to:

http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/965a9e1a-8223-4d3e-8e5d-39aeb70ec5d9.mspx

Either way I am glad it worked out for you. :)

"Mark Cannet" wrote:

> Bart, that worked!!!! I can't thank you enough. It's just my nature to ask
> though, do we know why this happened? Is it a service pack 1 issue? I've
> done a number of AD installs with 2000 and 2003 and have never seen this
> before. Again thanks! I used solution 1 by the way.
>
> "Bart K" wrote:
>
> > Mark,
> >
> > You can do a few things to recover from this problem depending on the
> > scenario.
> >
> > SCENARIO1: You only want the new DC and are decomissioning old domain
> > controller right away:
> >
> > - Open registry editor and navigate to
> > HKLM\System\CCS\Services\Netlogon\Parameters
> > - Locate the SysvolReady DWORD and change status from 0 to 1 (This is the
> > value that NETLOGON service uses to determine if the SYSVOL has been
> > replicated and if it is ready to be shared out)
> > - Restart NETLOGON service (SYSVOL should now be shared out but it will be
> > empty)
> > - You can run RECREATEDEFPOL on the new DC (this command will recreate the
> > Default Domain and Default Domain Controllers Policy - of course with default
> > settings)
> > - Transfer FSMO roles, make the new DC a GC and demote the old DC
> >
> > NOTE: You will need to recreate any other GPOs and if you use Exchange make
> > sure you give the ENTERPRISE EXCHANGE SERVERS group the Manage Auditing and
> > Security Logs user right in the newly created Default Domain Policy
> >
> > SCENARIO2: YOU WANT TO KEEP THE OLD DC
> >
> > - This is where it can get tricky and there is no simple / guaranteed answer
> > but start with the following:
> >
> > 1) Obviously you can ping and access shares back and forth, otherwise AD
> > replication would not work
> >
> > 2) Another common problem is that your old DC may be in a state called
> > Journal Wrap JNRL_WRAP. If it is in fact in this condition, no FRS
> > replication will occur. An easy way is to look at the NTFRS event log on the
> > old server and see what event is the event at the top of the list. (Restart
> > service and see if you get a 13516). If you are in fact in a JRNL_WRAP, to
> > recover this server from this condition, do the following:
> >
> > a) Open regedit and navigate to:
> > HKLM\System\CCS\Services\NTFRS\Parameters\Process at Starup (not sure if
> > this is 100% correct as I do not have a DC in front of me, however the key is
> > called Process at Startup an it resides below the ...Services\NTFRS key).
> > Once you find it you will see a BURFLAGS value. Set this to D4. Restart the
> > NTFRS service and wait until you get an event ID 13516. Once this is done you
> > can restart the NTFRS service on the new DC and replication should occur,
> > however...
> >
> > 2) Run DCDIAG /V on the new DC and look for errors / warnings regarding FRS
> > (some of the tests will notify you that you have missing NTFRS subscription /
> > subscriber objects in AD)
> >
> > 3) Using ADSIEDIT inspect the objects under the domain controllers' computer
> > accounts... You should see if there is a NTFRSsubscription container and you
> > will have some more objects underneath those... compare them between the two
> > computer accounts
> >
> > 4) Run FRSDIAG (available from MS - google it) on both computers and review
> > the logs. They are quite large and intimidating, however start with
> > everything but the debug logs as they will probably not mean anything to you.
> > If you need help reviewing the logs let me know.
> >
> > "Mark Cannet" wrote:
> >
> > > I had a windows 2000 domain for a small network. 1 2000 domain controller
> > > with AD integrated DNS. That was an older server so we purchased a new Dell
> > > Server with Windows 2003 w/ SPK1. I put the 2003 CD into the 2000 Server and
> > > ran adprep /forestprep and domain prep. I then ran DCPromo on the 2003
> > > server joined the domain I attempted to move the 5 FSMO roles over to the new
> > > server as I planned on removing the original 2000 server from the network. I
> > > don't know what the issue is but the new 2003 server never got the logon
> > > scripts and policy folder within the sysvol folder from the 2000 server. I
> > > then upgraded the 2000 server to 2003 still no sysvol replication. AD
> > > replicated fine. Infact the new Dell server never even setup the netlogon
> > > share. I manually shared the sysvol\...\scripts folder as NETLOGON. The new
> > > server won't even authenticate users. Is there any known issues with service
> > > pack 1? So if I shutdown the older server the network pretty much
> > > shutsdowns. Please help!!
.