Hot to: Relocate an existing SYSVOL share to a new location
1. Confirm that inbound and outbound replication is occurring for
Active Directory on the target DC.
2. Confirm that inbound and outbound FRS replication is occurring for
SYSVOL on the target DC.
3. Create a Backup of SYSTEM STATE and the SYSVOL tree so the domain
controller can be returned to its current state in the event that
problems are encountered.
4. Disable any Antivirus services scanning the SYSVOL tree.
5. Stop the FRS Service
6. Using Explorer or equivalent, copy the original SYSVOL tree structure to
the clipboard
Old Location: Highlight the c:\winnt\sysvol folder and select EDIT ->
COPY
7. Using Explorer or equivalent, paste the SYSVOL share to the new location.
Create any missing parent directories (D:\WINNT in this case) to maintain
the same relative path on the new drive as the original sysvol
path(easiest).
D:\WINNT directory with mouse
Select EDIT -> PASTE
8. Verify the new SYSVOL tree for completeness
Compare the directory structure, files and junction points in the new SYSVOL
tree created in step #4 to the original tree used in step #3.
If folders such as \SCRIPTS are missing from the tree, recreate them.
Use the DIR command against the "Drive:\Path\SYSVOL\SYSVOL" and
"Drive:\Path\SYSVOL\Staging Areas" paths to verify that junction points are
in place (evidenced by the "JUNCTION" string in the DIR output).
D:\WINNT\SYSVOL\sysvol>dir
06/26/2001 01:23p <DIR> .
06/26/2001 01:23p <DIR> ..
06/26/2001 01:23p <JUNCTION> a.com
D:\WINNT\SYSVOL\staging areas>dir
06/26/2001 01:23p <DIR> .
06/26/2001 01:23p <DIR> ..
06/26/2001 01:23p <JUNCTION> a.com
If either of two junction points is missing use the LINKD.EXE example below
to recreate them.
c:\>Linkd d:\winnt\sysvol\<fully qualified domain name>
<drive>\<path>\sysvol\sysvol
For example, the junction point for a SYSVOL share moved to the D:\WINNT
directory in the A.COM domain would be:
d:\winnt\sysvol\sysvol>Linkd D:\winnt\sysvol\a.com
d:\winnt\sysvol\sysvol
9. Update the registry path for SYSVOL in the NETLOGON key In REGEDT32,
modify value for the "SYSVOL" path under
HKLM\SYSTEM\CCS\Services\NETLOGON\Parameters\SYSVOL to reflect the new
path: d:\winnt\sysvol\sysvol
10. Configure FRS to perform a non-authoritative restore for the SYSVOL
replica set. Using REGEDT32, locate the path
HKLM\SYSTEM\CCS\Services\NTFRS\Parameters\Backup/Restore\Process at
Startup and set the BURFLAGS registry value to "D2" hex If the domain
controller hosts any FRS replicated DFS directories, consider using the
replica set specific BURFLAGS registry key described in MSKB Article
Q290762 to prevent a temporary denial of service and re-replication of
data in DFS roots and / or links.
11. Modify the FRSRootPath attribute in Active Directory Using LDP.EXE,
set the FRSRootPath attribute to the directory used in Step #4. The DN
path for FRSRootPath is: cn=Domain System Volume (SYSVOL shre),CN=NTFRS
Subscriptions,CN=<DCNAME>,OU=Domain Controller,DC=<domain name>
12. Modify the FRSStagingPath attribute in Active Directory Using
LDP.EXE, set the FRSRootPath attribute to the directory used in Step
#4. The DN path for FRSRootPath is: cn=Domain System Volume (SYSVOL
shre),CN=NTFRS Subscriptions,CN=<DCNAME>,OU=Domain
Controller,DC=<domain name>
13. Apply permissions to SYSVOL directory
Verify whether permission copied over. It could be that dir was copied over
the net from an healthy dc and that we didn't get permissions
Create SYSVOL.INF
[start copy here]
[Unicode]
Unicode=yes
[Version]
signature="$CHICAGO$"
Revision=1
[Profile Description]
Description=default perms for sysvol
[File Security]
;"%SystemRoot%\SYSVOL",0,"D:AR(A;OICI;FA;;;BA)"
;---------------------------------------------------------------------------
------------------
;Sysvol. THIS ENVIRONMENT VARIABLE MUST BE SET!!!!!!!!!!!!!!!!!!!!!!!!!
;---------------------------------------------------------------------------
------------------
"%Sysvol%",2,"D
(A;CIOI;GRGX;;;AU)(A;CIOI;GRGX;;;SO)(A;CIOI;GA;;;BA)(A;CIOI
;GA;;;SY)(A;CIOI;GA;;;CO)"
"%Sysvol%\domain\policies",2,"D
(A;CIOI;GRGX;;;AU)(A;CIOI;GRGX;;;SO)(A;CIOI
;GA;;;BA)(A;CIOI;GA;;;SY)(A;CIOI;GA;;;CO)(A;CIOI;GRGWGXSD;;;PA)"
[end copy here]
SECEDIT /Configure /cfg %sectemplatepath%\sysvol.inf /db
%sectemplatepath%\sysvol.db
Add /overwrite switch to this...
14. Restart the FRS Service
15. Monitor the FRS event log
--Shawn
This posting is provided "AS IS" with no warranties and confers no rights.
