(2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 3)
Posted by Jorge on 2010-08-12
This post focuses on restoring the SYSVOL when replicated through the DFS-R mechanism. For the previous posts see here and here.
SYSVOL Replicated Through DFS-R – Authoritative Restore – Steps To Take
To perform an authoritative restore of the SYSVOL when using DFS-R, use the following steps:
- Start the Registry Editor
- Navigate to "HKLM\SYSTEM\CurrentControlSet\Services\DFSR"
- Create a key called "Restore" (only time only)
- Create a string value called "SYSVOL" (only time only)
- For the string value called "SYSVOL" assign the value of authoritative
- Navigate to "HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore"
- Create a key called "SystemStateRestore" (only time only)
- Create a string value called "LastRestoreId" (only time only)
- For the string value called "LastRestoreId" [1] assign the value of 10000000-0000-0000-0000-000000000000
- Stop the DFSR Service
- Start the DFSR Service
From the command-line the same can be achieved through:
- REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\DFSR\Restore" /v SYSVOL /t REG_SZ /d "authoritative" /f
- [1] REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore\SystemStateRestore" /v LastRestoreId /t REG_SZ /d "10000000-0000-0000-0000-000000000000" /f
- NET STOP DFSR
- NET START DFSR
[1] When a backup application performs a system state restore, it must indicate that it has done so by setting the LastRestoreId registry value. The LastRestoreId is a GUID that is formatted as 00000000-0000-0000-0000-000000000000. The GUID has to be different each time a restore is requested. For example, if you have the LastRestoreId set as 10000000-0000-0000-0000-000000000000, for the next restore you have to set it to a different GUID, such as 20000000-0000-0000-0000-000000000000. For more information about setting LastRestoreId, see Registry Keys and Values for Backup and Restore.
As soon as the DFS-R Service starts, the following events appear with information about the non-authoritative restore.
Event ID 2109
Event ID 2110
Event ID 4106
Event ID 4108
SYSVOL Replicated Through DFS-R – Non-Authoritative Restore – Steps To Take
To perform a non-authoritative restore of the SYSVOL when using DFS-R, use the following steps:
- Start the Registry Editor
- Navigate to "HKLM\SYSTEM\CurrentControlSet\Services\DFSR"
- Create a key called "Restore" (only time only)
- Create a string value called "SYSVOL" (only time only)
- For the string value called "SYSVOL" assign the value of non-authoritative
- Navigate to "HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore"
- Create a key called "SystemStateRestore" (only time only)
- Create a string value called "LastRestoreId" (only time only)
- For the string value called "LastRestoreId" [1] assign the value of 10000000-0000-0000-0000-000000000000
- Stop the DFSR Service
- Start the DFSR Service
From the command-line the same can be achieved through:
- REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\DFSR\Restore" /v SYSVOL /t REG_SZ /d "non-authoritative" /f
- [1] REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore\SystemStateRestore" /v LastRestoreId /t REG_SZ /d "10000000-0000-0000-0000-000000000000" /f
- NET STOP DFSR
- NET START DFSR
[1] When a backup application performs a system state restore, it must indicate that it has done so by setting the LastRestoreId registry value. The LastRestoreId is a GUID that is formatted as 00000000-0000-0000-0000-000000000000. The GUID has to be different each time a restore is requested. For example, if you have the LastRestoreId set as 10000000-0000-0000-0000-000000000000, for the next restore you have to set it to a different GUID, such as 20000000-0000-0000-0000-000000000000. For more information about setting LastRestoreId, see Registry Keys and Values for Backup and Restore.
As soon as the DFS-R Service starts, the following events appear with information about the non-authoritative restore.
Event ID 2109
Event ID 2110
Event ID 4110
Event ID 4102
Event ID 4604
–
Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: https://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————
Jorge's Quest For Knowledge! 
PlaceHolder_After_Migration said
Good post Jorg. I have a question around SYSVOL recovery in a 2003 forest but with miz of 2003 and 2008 R2 DCs. Is there anything different you need to consider when it comes to DR of SYSVOL ?
DFS-R is only available once the forest has been switched to 2008 and all DCs are 2008, does this mean up to this time you would use exactly same recovery process as you would with all DCs running 2003 ?
thanks
LikeLike
PlaceHolder_After_Migration said
Hi,
How to find valid value for LastRestoreId?
Regards
LikeLike
Jorge said
the GUID just needs to be different!
LikeLike
Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 1) « Jorge's Quest For Knowledge! said
[…] For the post on restoring the SYSVOL when replicated through the DFS-R mechanism see here. […]
LikeLike
(2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 2) « Jorge's Quest For Knowledge! said
[…] This post focusses on restoring the SYSVOL when replicated through the NTFRS mechanism. For the previous post see here and for the next post see here. […]
LikeLike
(2011-06-22) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 4) « Jorge's Quest For Knowledge! said
[…] Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 3) […]
LikeLike
DFSR and SYSVOL Trouble After a Hard Shutdown – Tips and help for taming a wild computer. said
[…] https://jorgequestforknowledge.wordpress.com/2010/08/12/restoring-the-sysvol-non-authoritatively-when… […]
LikeLike
mahesh1000Mahesh said
Hi,
Great article working…
But is their any supported TechNet article for above procedure please ?
LikeLike
Daniel Hayward said
You are simply amazing… performing the above authoritative restore has fixed my Sysvol issues… now I just need to figure out why I don’t have netlogon shared!
LikeLike
Jorge said
assuming, it w2k8, have you seen: http://support.microsoft.com/kb/947022
I’m reading you did an auth restore. Shouldn’t you have done a non-auth restore? Why did you do an auth restore? What was the problem?
LikeLike
Daniel Hayward said
Restart the netlogon service… doh! Far too late for this!!!
LikeLike
SYSVOL and Netlogon not replicating to new 2012 Server said
[…] I had some Replication issues a few weeks ago and needed to do an Authorative restore as per: (2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 3) «… […]
LikeLike
תיקיית SYSVOL חסרה : מיגרציה מ SBS said
[…] חומר עיוני נוסף כאן […]
LikeLike