| Author |
 Topic  |
|
|
Michael
Old Timer
USA
608 Posts
Status: offline |
 Posted - 05/16/2012 : 10:34:34 AM
|
I found 2 post on here (one was mine from 3-2011) asking why Sysvol was not being shared, when 2008r2 was added to 2003 domain. I feel sure I could use the registry hack of the Flag and D4... to make this work but would like to understand why it did not from the start. These servers are not in production at this time, just setting up at my shop. 2 new out of box Dell 410 2008r2, connected with 4 port router, nothing else talking to them.
I set Server1 up as AD, then set Server2 up, join domain, then promote to DC.
? - When I promoted Server2 I stayed with defaults, one of which had DNS enabled and noted that Server1 had DNS too. Server2 does have primary DNS pointing to Server1 and secondary pointing back to itself 127.0.0.1 (I add this because Wkasdo had concerns of this setup in my post from 3-2011)
All Firewall are turned off of both servers, the Domain firewall came on Server2 when promoted but was disabled.
As it stands now the servers do not see each other in network.
When I run Repadmin /showreps from each server they do see the other.
But the sysvol is not shared on either server. So what caused this or what am I doing to cause it? What is the best way to get them talking to each other, the registry hack?
Thanks
Michael
|
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/16/2012 : 11:05:32 AM
|
Reading your post I'm assuming that this is a new Windows 2008 R2 forest and domain. In that case, SYSVOL is using DFSR, not FRS. Check for errors in the DFSR log.
* How exactly did you determine that SYSVOL is not shared?
* can you post the output of repadmin /replsum?
|
Make it as simple as you can, but not simpler -- Albert Einstein |
 |
|
|
Michael
Old Timer
USA
608 Posts
Status: offline |
Posted - 05/16/2012 : 5:53:57 PM
|
Thanks for the reply Wkasdo,
*Yes this is new forest and domain
*I looked at the DFSR log on Server1, do not know what I was looking at or for but it did not see anything about Server2 in there.
* Repadmin /replsum
From Server1
C:\>repadmin /replsum
Replication Summary Start Time: 2012-05-16 14:34:15
Beginning data collection for replication summary, this may take awhile:
.....
Source DSA largest delta fails/total %% error
SRV-1 46m:58s 0 / 5 0
SRV-2 46m:26s 0 / 5 0
Destination DSA largest delta fails/total %% error
SRV-1 46m:26s 0 / 5 0
SRV-2 46m:58s 0 / 5 0
From Server2
C:\>repadmin /replsum
Replication Summary Start Time: 2012-05-16 14:36:39
Beginning data collection for replication summary, this may take awhile:
.....
Source DSA largest delta fails/total %% error
SRV-1 49m:22s 0 / 5 0
SRV-2 48m:50s 0 / 5 0
Destination DSA largest delta fails/total %% error
SRV-1 48m:50s 0 / 5 0
SRV-2 49m:22s 0 / 5 0
* How did I determine Sysvol not shared.
I would think it should show in My Computer as I have seen in the past.
But the reason I started looking was... I setup WSUS on Server2 and make some edits to the Policy for updates. When I looked at Server1 to see if it replicated to it I did not see the change in the Policy. that is when I started looking.
Thanks,
Michael |
|
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/17/2012 : 10:35:32 AM
|
So AD replication is fine, which is a good start. Chances are that SYSVOL replication is OK as well then, because DFSR is much more reliable than FRS.
To see if SYSVOL is shared, type "net share" from the command prompt. If it shows up (and I expect it will), the problem with your WSUS policy is elsewhere. But let's take it one step at the time. |
Make it as simple as you can, but not simpler -- Albert Einstein |
|
|
|
Michael
Old Timer
USA
608 Posts
Status: offline |
Posted - 05/17/2012 : 5:42:29 PM
|
You said the AD is replicating because of the repadmin /replsum results ?
I did the net share and it does list Sysvol as shared.
I made a text file, on Server1 saved in C:\windows\sysvol, it did not go to the sysvol on Server2 ?
I setup a testuser account in AD Users on Server1 and it did show up in AD Users on Server2
I checked Server2 to see where I had done the Policy change for WSUS, I had done local group policy edit...that should change on both server if everything is working correct...right?
I still do not see either server on the network?
Thanks
Michael |
|
|
|
wkasdo
Administrator
Netherlands
7424 Posts
Status: offline |
Posted - 05/18/2012 : 02:50:03 AM
|
> You said the AD is replicating because of the repadmin /replsum results ?
That's right.
> I did the net share and it does list Sysvol as shared.
So the share is there, and is usable for the world.
> I made a text file, on Server1 saved in C:\windows\sysvol, it did not go to the sysvol on Server2 ?
That's the wrong spot. You need: \\server1.your.domain.com\sysvol\your.domain.com
> I setup a testuser account in AD Users on Server1 and it did show up in AD Users on Server2
Right, proving that replication works.
> I checked Server2 to see where I had done the Policy change for WSUS, I had done local group policy edit...that should change on both server if everything is working correct...right?
I suspected as much :-)
No, local policies do not replicate. Ever. You need to fire up the GPMC, create a policy in the domain, link it where needed, and edit it. So try that, and see how that goes.
> I still do not see either server on the network?
Ah. Sounds like browsing Network Neighbourhood? Welcome to the new decennium where the Netbios Browser is disabled by default... In other words, not a problem.
|
Make it as simple as you can, but not simpler -- Albert Einstein |
|
|
|
Michael
Old Timer
USA
608 Posts
Status: offline |
Posted - 08/09/2012 : 10:52:45 AM
|
I got the 2 servers to see each other at my shop by turning on about 4 services (do not have the list with me now) but when I got on-site the winxp workstations do not see the servers (I enabled the "netbios over TC/IP on the XP box) and the servers do not see the workstations when I browse the network. I can join the domain and type the UNC path and connect to shares.
I enabled the "computer browser" service on one of the servers and now I can see everything. So I turned it on both servers, will there be a problem with it running on both DC?
Also I will get you a list of the other services I had enabled, if they are not needed I will stop them.
Thanks,
Michael |
|
|
| |
Topic |
|
Sysvol not shared between new servers
