Hi, At the moment I don't know what's causing your problem. I only know that if something goes wrong with the SYSVOL it CAN/WILL get very messy. To re-initialize the SYSVOL on all DCs you could do the following:
EXECUTE THIS PROCEDURE VERY CAREFULLY!!!!!->TRY THIS FIRST IN A TEST ENVIRONMENT!!! For more information see http://support.microsoft.com/default.aspx?scid=kb;EN-US;290762 * Stop FRS service on all DCs -> SYSVOL is still available but no FRS repl. Occurs! * Choose one DC to be the AUTHORITATIVE DC for FRS... My first option would be the DC with the PDC FSMO. All other DCs then MUST BE NON-AUTHORITATIVE * On the AUTHORITATIVE DC configure the SYSVOL as you would like it to be * Using the registry editor configure the AUTHORITATIVE DC with the following (see also the remark below!): * KEY: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Cumula tive Replica Sets\<GUID of the SYSVOL> (To locate the GUID of the SYSVOL go to the following key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Repli ca Sets\<GUID>" to see which one has the Replica Set Name "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)") * VALUE NAME: BurFlags (should already be present!) * VALUE TYPE: REG_DWORD * VALUE DATA: D4 (HEX)(= authoritative value) * Start the FRS service on the AUTHORITATIVE DC. This DC reconfigures the SYSVOL and wants to replicate the contents of the SYSVOL to other DCs! This will not happen until you first configure the FRS service and after that start it * Using the registry editor configure the NON-AUTHORITATIVE DCs with the following (see also the remark below!): * KEY: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Cumula tive Replica Sets\<GUID of the SYSVOL> (To locate the GUID of the SYSVOL go to the following key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Repli ca Sets\<GUID>" to see which one has the Replica Set Name "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)") * VALUE NAME: BurFlags (should already be present!) * VALUE TYPE: REG_DWORD * VALUE DATA: D2 (HEX)(= non-authoritative value) * Start the FRS service on the NON-AUTHORITATIVE DCs. These DCs throw their SYSVOL contents in a sub folder called "Pre-Existing_Something...." and want to receive new SYSVOL contents from another DC that ALREADY have an "healthy" SYSVOL. Keep in mind that you re-initialize the NON-AUTHORITATIVE DCs in the correct order. Always be sure that a DC that needs to receive the new SYSVOL has an inbound replication partner that already has populated its SYSVOL. If you don't do this correct, it may take some additional time before a certain DC gets the new SYSVOL contents. Keep also in mind that replication schedules will slow down the population of a DC in another site. To enable immediate replication you could open up the schedules. With NTFRSUTL you can force FRS replication but NOT when you've configured the BurFlags key! (don't ask why because I don't know ;-)) ) REMARKS: The BurFlags is available in two locations: * HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Cumula tive Replica Sets\<GUID of the SYSVOL>. This one reinitializes the particular FRS replica set on that particular member replica * HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup /Restore\Process at Startup. This one reinitializes ALL the FRS replica sets the particular member replica is holding!!! This way users should experience the minimum disturbance (if none) because the SYSVOL is always available, except for a moment after the FRS service is re-initialized and started. Until the SYSVOL has been populated a disturbance could occur when a user logs on and needs the SYSVOL from a DC that is rebuilding the SYSVOL contents. You could also do this after working hours. Jorge de Almeida Pinto Microsoft Infrastructure Consultant NOTE: This posting is provided "AS IS" with no warranties and with no rights! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil Sent: maandag 8 november 2004 12:45 To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Removing read only folder attributes in SYSVOL I have encountered an issue where FRS is generating a huge amount of network traffic, as a result of certain SYSVOL folders having their read only attribute updated on a *very* regular basis. Whilst I do not (yet) understand why only certain folders are r/o and why this generates so much network traffic, I would like to remove the r/o flag and thus reduce the amount of FRS traffic generated. Unfortunately (and not surprisingly) a simple removal of a r/o flag on one DC is quickly reverted back. Does anyone have any suggestions for tackling this issue, without for example, stopping FRS on all (78) DCs and changing the flag on all of these DCs before starting the FRS service again (which we believe will work, but represents a huge disruption to the environment). Has anyone encountered a similar issue before? If so, what caused r/o flag to be updated so frequently? Any suggestions are gratefully appreciated :) Thanks, neil Neil Ruston MVP (AD) Consultant, London ============================================================================ == This message is for the sole use of the intended recipient. If you received this message in error please delete it and notify us. If this message was misdirected, CSFB does not waive any confidentiality or privilege. CSFB retains and monitors electronic communications sent through its network. Instructions transmitted over this system are not binding on CSFB until they are confirmed by us. Message transmission is not guaranteed to be secure. ============================================================================ == List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
