Receiving a File Replication Service error on 2 DC's.

Tutorials Win: Microsoft Windows Forum

The 2 domain controllers receive Event ID's 13555 and 13552 every day a
couple of times. Restarting the services did not fix the issue. All domain
controllers are running Windows 2003 Standard sp1. These servers were cloned
about 5 months ago on new hardware and that's when the problem started. We
will be applying service pack 2 later today in hopes of fixing the issue. I
would like other alternatives to try and remedy the problem instead of what
the logs say.

Event ID 13555

The File Replication Service is in an error state. Files will not replicate
to or from one or all of the replica sets on this computer until the
following recovery steps are performed:

Recovery Steps:

[1] The error state may clear itself if you stop and restart the FRS
service. This can be done by performing the following in a command window:

net stop ntfrs
net start ntfrs

If this fails to clear up the problem then proceed as follows.

[2] For Active Directory Domain Controllers that DO NOT host any DFS
alternates or other replica sets with replication enabled:

If there is at least one other Domain Controller in this domain then restore
the "system state" of this DC from backup (using ntbackup or other
backup-restore utility) and make it non-authoritative.

If there are NO other Domain Controllers in this domain then restore the
"system state" of this DC from backup (using ntbackup or other backup-restore
utility) and choose the Advanced option which marks the sysvols as primary.

If there are other Domain Controllers in this domain but ALL of them have
this event log message then restore one of them as primary (data files from
primary will replicate everywhere) and the others as non-authoritative.


[3] For Active Directory Domain Controllers that host DFS alternates or
other replica sets with replication enabled:

(3-a) If the Dfs alternates on this DC do not have any other replication
partners then copy the data under that Dfs share to a safe location.
(3-b) If this server is the only Active Directory Domain Controller for
this domain then, before going to (3-c), make sure this server does not have
any inbound or outbound connections to other servers that were formerly
Domain Controllers for this domain but are now off the net (and will never be
coming back online) or have been fresh installed without being demoted. To
delete connections use the Sites and Services snapin and look for
Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
(3-c) Restore the "system state" of this DC from backup (using ntbackup or
other backup-restore utility) and make it non-authoritative.
(3-d) Copy the data from step (3-a) above to the original location after
the sysvol share is published.


[4] For other Windows servers:

(4-a) If any of the DFS alternates or other replica sets hosted by this
server do not have any other replication partners then copy the data under
its share or replica tree root to a safe location.
(4-b) net stop ntfrs
(4-c) rd /s /q c:\windows\ntfrs\jet
(4-d) net start ntfrs
(4-e) Copy the data from step (4-a) above to the original location after
the service has initialized (5 minutes is a safe waiting time).

Note: If this error message is in the eventlog of all the members of a
particular replica set then perform steps (4-a) and (4-e) above on only one
of the members.

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.


Event ID: 13552

The File Replication Service is unable to add this computer to the following
replica set:
"DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"

This could be caused by a number of problems such as:
-- an invalid root path,
-- a missing directory,
-- a missing disk volume,
-- a file system on the volume that does not support NTFS 5.0

The information below may help to resolve the problem:
Computer DNS name is "mcgcpdc.co.mchenry.il.us"
Replica set member name is "MCGCPDC"
Replica set root path is "c:\windows\sysvol\domain"
Replica staging directory path is "c:\windows\sysvol\staging\domain"
Replica working directory path is "c:\windows\ntfrs\jet"
Windows error status code is
FRS error status code is FrsErrorMismatchedJournalId

Other event log messages may also help determine the problem. Correct the
problem and the service will attempt to restart replication automatically at
a later time.

For more information, see Help and Support Center at
Top

Re: Receiving a File Replication Service error on 2 DC's. by Paul

Paul
Thu Mar 27 05:54:30 PDT 2008

I'm going to guess this occurred from doing a clone of your dc's, this is
not supported and can create issues with replication (NTDS), which is what
it sounds like you are experiencing (There are ways to make this work but
you have to shut off replication). Odd thing is I have only heard of this
happening against NTDS not NTFRS, so I can't tell you this is what caused
the issue, never the less read the following article on the fallout from
such an approach.
http://support.microsoft.com/?id=875495

I would recommend by starting with a non-authoritative restore of your
sysvol. I would start by making sure the DC you perform this on is treated
as the authoritative one and set the burflg setting to D4.

See:
http://support.microsoft.com/kb/315457/



--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Eric Guzman" <Eric Guzman@discussions.microsoft.com> wrote in message
news:75CD313D-F26A-487F-9879-39A5872C7ED0@microsoft.com...
> The 2 domain controllers receive Event ID's 13555 and 13552 every day a
> couple of times. Restarting the services did not fix the issue. All
> domain
> controllers are running Windows 2003 Standard sp1. These servers were
> cloned
> about 5 months ago on new hardware and that's when the problem started.
> We
> will be applying service pack 2 later today in hopes of fixing the issue.
> I
> would like other alternatives to try and remedy the problem instead of
> what
> the logs say.
>
> Event ID 13555
>
> The File Replication Service is in an error state. Files will not
> replicate
> to or from one or all of the replica sets on this computer until the
> following recovery steps are performed:
>
> Recovery Steps:
>
> [1] The error state may clear itself if you stop and restart the FRS
> service. This can be done by performing the following in a command window:
>
> net stop ntfrs
> net start ntfrs
>
> If this fails to clear up the problem then proceed as follows.
>
> [2] For Active Directory Domain Controllers that DO NOT host any DFS
> alternates or other replica sets with replication enabled:
>
> If there is at least one other Domain Controller in this domain then
> restore
> the "system state" of this DC from backup (using ntbackup or other
> backup-restore utility) and make it non-authoritative.
>
> If there are NO other Domain Controllers in this domain then restore the
> "system state" of this DC from backup (using ntbackup or other
> backup-restore
> utility) and choose the Advanced option which marks the sysvols as
> primary.
>
> If there are other Domain Controllers in this domain but ALL of them have
> this event log message then restore one of them as primary (data files
> from
> primary will replicate everywhere) and the others as non-authoritative.
>
>
> [3] For Active Directory Domain Controllers that host DFS alternates or
> other replica sets with replication enabled:
>
> (3-a) If the Dfs alternates on this DC do not have any other replication
> partners then copy the data under that Dfs share to a safe location.
> (3-b) If this server is the only Active Directory Domain Controller for
> this domain then, before going to (3-c), make sure this server does not
> have
> any inbound or outbound connections to other servers that were formerly
> Domain Controllers for this domain but are now off the net (and will never
> be
> coming back online) or have been fresh installed without being demoted. To
> delete connections use the Sites and Services snapin and look for
> Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
> (3-c) Restore the "system state" of this DC from backup (using ntbackup or
> other backup-restore utility) and make it non-authoritative.
> (3-d) Copy the data from step (3-a) above to the original location after
> the sysvol share is published.
>
>
> [4] For other Windows servers:
>
> (4-a) If any of the DFS alternates or other replica sets hosted by this
> server do not have any other replication partners then copy the data under
> its share or replica tree root to a safe location.
> (4-b) net stop ntfrs
> (4-c) rd /s /q c:\windows\ntfrs\jet
> (4-d) net start ntfrs
> (4-e) Copy the data from step (4-a) above to the original location after
> the service has initialized (5 minutes is a safe waiting time).
>
> Note: If this error message is in the eventlog of all the members of a
> particular replica set then perform steps (4-a) and (4-e) above on only
> one
> of the members.
>
> For more information, see Help and Support Center at
> http://go.microsoft.com/fwlink/events.asp.
>
>
> Event ID: 13552
>
> The File Replication Service is unable to add this computer to the
> following
> replica set:
> "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
>
> This could be caused by a number of problems such as:
> -- an invalid root path,
> -- a missing directory,
> -- a missing disk volume,
> -- a file system on the volume that does not support NTFS 5.0
>
> The information below may help to resolve the problem:
> Computer DNS name is "mcgcpdc.co.mchenry.il.us"
> Replica set member name is "MCGCPDC"
> Replica set root path is "c:\windows\sysvol\domain"
> Replica staging directory path is "c:\windows\sysvol\staging\domain"
> Replica working directory path is "c:\windows\ntfrs\jet"
> Windows error status code is
> FRS error status code is FrsErrorMismatchedJournalId
>
> Other event log messages may also help determine the problem. Correct the
> problem and the service will attempt to restart replication automatically
> at
> a later time.
>
> For more information, see Help and Support Center at


Top

Re: Receiving a File Replication Service error on 2 DC's. by EricGuzman

EricGuzman
Thu Mar 27 06:07:00 PDT 2008

I will actually be building 2 new domain controllers and moving all FMSO
roles, DNS, WINS, and DHCP off all the current domain controllers and
eventually decomission them and only having the 2 new Domain Controllers. Do
you think this will resolve my issues?

"Paul Bergson [MVP-DS]" wrote:

> I'm going to guess this occurred from doing a clone of your dc's, this is
> not supported and can create issues with replication (NTDS), which is what
> it sounds like you are experiencing (There are ways to make this work but
> you have to shut off replication). Odd thing is I have only heard of this
> happening against NTDS not NTFRS, so I can't tell you this is what caused
> the issue, never the less read the following article on the fallout from
> such an approach.
> http://support.microsoft.com/?id=875495
>
> I would recommend by starting with a non-authoritative restore of your
> sysvol. I would start by making sure the DC you perform this on is treated
> as the authoritative one and set the burflg setting to D4.
>
> See:
> http://support.microsoft.com/kb/315457/
>
>
>
> --
> Paul Bergson
> MVP - Directory Services
> MCT, MCSE, MCSA, Security+, BS CSci
> 2008, 2003, 2000 (Early Achiever), NT4
>
> http://www.pbbergs.com
>
> Please no e-mails, any questions should be posted in the NewsGroup
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
> "Eric Guzman" <Eric Guzman@discussions.microsoft.com> wrote in message
> news:75CD313D-F26A-487F-9879-39A5872C7ED0@microsoft.com...
> > The 2 domain controllers receive Event ID's 13555 and 13552 every day a
> > couple of times. Restarting the services did not fix the issue. All
> > domain
> > controllers are running Windows 2003 Standard sp1. These servers were
> > cloned
> > about 5 months ago on new hardware and that's when the problem started.
> > We
> > will be applying service pack 2 later today in hopes of fixing the issue.
> > I
> > would like other alternatives to try and remedy the problem instead of
> > what
> > the logs say.
> >
> > Event ID 13555
> >
> > The File Replication Service is in an error state. Files will not
> > replicate
> > to or from one or all of the replica sets on this computer until the
> > following recovery steps are performed:
> >
> > Recovery Steps:
> >
> > [1] The error state may clear itself if you stop and restart the FRS
> > service. This can be done by performing the following in a command window:
> >
> > net stop ntfrs
> > net start ntfrs
> >
> > If this fails to clear up the problem then proceed as follows.
> >
> > [2] For Active Directory Domain Controllers that DO NOT host any DFS
> > alternates or other replica sets with replication enabled:
> >
> > If there is at least one other Domain Controller in this domain then
> > restore
> > the "system state" of this DC from backup (using ntbackup or other
> > backup-restore utility) and make it non-authoritative.
> >
> > If there are NO other Domain Controllers in this domain then restore the
> > "system state" of this DC from backup (using ntbackup or other
> > backup-restore
> > utility) and choose the Advanced option which marks the sysvols as
> > primary.
> >
> > If there are other Domain Controllers in this domain but ALL of them have
> > this event log message then restore one of them as primary (data files
> > from
> > primary will replicate everywhere) and the others as non-authoritative.
> >
> >
> > [3] For Active Directory Domain Controllers that host DFS alternates or
> > other replica sets with replication enabled:
> >
> > (3-a) If the Dfs alternates on this DC do not have any other replication
> > partners then copy the data under that Dfs share to a safe location.
> > (3-b) If this server is the only Active Directory Domain Controller for
> > this domain then, before going to (3-c), make sure this server does not
> > have
> > any inbound or outbound connections to other servers that were formerly
> > Domain Controllers for this domain but are now off the net (and will never
> > be
> > coming back online) or have been fresh installed without being demoted. To
> > delete connections use the Sites and Services snapin and look for
> > Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS Settings->CONNECTIONS.
> > (3-c) Restore the "system state" of this DC from backup (using ntbackup or
> > other backup-restore utility) and make it non-authoritative.
> > (3-d) Copy the data from step (3-a) above to the original location after
> > the sysvol share is published.
> >
> >
> > [4] For other Windows servers:
> >
> > (4-a) If any of the DFS alternates or other replica sets hosted by this
> > server do not have any other replication partners then copy the data under
> > its share or replica tree root to a safe location.
> > (4-b) net stop ntfrs
> > (4-c) rd /s /q c:\windows\ntfrs\jet
> > (4-d) net start ntfrs
> > (4-e) Copy the data from step (4-a) above to the original location after
> > the service has initialized (5 minutes is a safe waiting time).
> >
> > Note: If this error message is in the eventlog of all the members of a
> > particular replica set then perform steps (4-a) and (4-e) above on only
> > one
> > of the members.
> >
> > For more information, see Help and Support Center at
> > http://go.microsoft.com/fwlink/events.asp.
> >
> >
> > Event ID: 13552
> >
> > The File Replication Service is unable to add this computer to the
> > following
> > replica set:
> > "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
> >
> > This could be caused by a number of problems such as:
> > -- an invalid root path,
> > -- a missing directory,
> > -- a missing disk volume,
> > -- a file system on the volume that does not support NTFS 5.0
> >
> > The information below may help to resolve the problem:
> > Computer DNS name is "mcgcpdc.co.mchenry.il.us"
> > Replica set member name is "MCGCPDC"
> > Replica set root path is "c:\windows\sysvol\domain"
> > Replica staging directory path is "c:\windows\sysvol\staging\domain"
> > Replica working directory path is "c:\windows\ntfrs\jet"
> > Windows error status code is
> > FRS error status code is FrsErrorMismatchedJournalId
> >
> > Other event log messages may also help determine the problem. Correct the
> > problem and the service will attempt to restart replication automatically
> > at
> > a later time.
> >
> > For more information, see Help and Support Center at
>
>
>
Top

Re: Receiving a File Replication Service error on 2 DC's. by Jorge

Jorge
Thu Mar 27 06:13:26 PDT 2008

USN rollback occur both in AD and the SYSVOL when restoring images of DCs...

see:
http://blogs.dirteam.com/blogs/jorge/archive/2006/03/08/597.aspx

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* How to ask a question --> http://support.microsoft.com/?id=555375
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Eric Guzman" <EricGuzman@discussions.microsoft.com> wrote in message
news:256396F4-AF66-4AF3-8DEE-94E88D8276A2@microsoft.com...
>I will actually be building 2 new domain controllers and moving all FMSO
> roles, DNS, WINS, and DHCP off all the current domain controllers and
> eventually decomission them and only having the 2 new Domain Controllers.
> Do
> you think this will resolve my issues?
>
> "Paul Bergson [MVP-DS]" wrote:
>
>> I'm going to guess this occurred from doing a clone of your dc's, this is
>> not supported and can create issues with replication (NTDS), which is
>> what
>> it sounds like you are experiencing (There are ways to make this work but
>> you have to shut off replication). Odd thing is I have only heard of
>> this
>> happening against NTDS not NTFRS, so I can't tell you this is what caused
>> the issue, never the less read the following article on the fallout from
>> such an approach.
>> http://support.microsoft.com/?id=875495
>>
>> I would recommend by starting with a non-authoritative restore of your
>> sysvol. I would start by making sure the DC you perform this on is
>> treated
>> as the authoritative one and set the burflg setting to D4.
>>
>> See:
>> http://support.microsoft.com/kb/315457/
>>
>>
>>
>> --
>> Paul Bergson
>> MVP - Directory Services
>> MCT, MCSE, MCSA, Security+, BS CSci
>> 2008, 2003, 2000 (Early Achiever), NT4
>>
>> http://www.pbbergs.com
>>
>> Please no e-mails, any questions should be posted in the NewsGroup
>> This posting is provided "AS IS" with no warranties, and confers no
>> rights.
>>
>> "Eric Guzman" <Eric Guzman@discussions.microsoft.com> wrote in message
>> news:75CD313D-F26A-487F-9879-39A5872C7ED0@microsoft.com...
>> > The 2 domain controllers receive Event ID's 13555 and 13552 every day a
>> > couple of times. Restarting the services did not fix the issue. All
>> > domain
>> > controllers are running Windows 2003 Standard sp1. These servers were
>> > cloned
>> > about 5 months ago on new hardware and that's when the problem started.
>> > We
>> > will be applying service pack 2 later today in hopes of fixing the
>> > issue.
>> > I
>> > would like other alternatives to try and remedy the problem instead of
>> > what
>> > the logs say.
>> >
>> > Event ID 13555
>> >
>> > The File Replication Service is in an error state. Files will not
>> > replicate
>> > to or from one or all of the replica sets on this computer until the
>> > following recovery steps are performed:
>> >
>> > Recovery Steps:
>> >
>> > [1] The error state may clear itself if you stop and restart the FRS
>> > service. This can be done by performing the following in a command
>> > window:
>> >
>> > net stop ntfrs
>> > net start ntfrs
>> >
>> > If this fails to clear up the problem then proceed as follows.
>> >
>> > [2] For Active Directory Domain Controllers that DO NOT host any DFS
>> > alternates or other replica sets with replication enabled:
>> >
>> > If there is at least one other Domain Controller in this domain then
>> > restore
>> > the "system state" of this DC from backup (using ntbackup or other
>> > backup-restore utility) and make it non-authoritative.
>> >
>> > If there are NO other Domain Controllers in this domain then restore
>> > the
>> > "system state" of this DC from backup (using ntbackup or other
>> > backup-restore
>> > utility) and choose the Advanced option which marks the sysvols as
>> > primary.
>> >
>> > If there are other Domain Controllers in this domain but ALL of them
>> > have
>> > this event log message then restore one of them as primary (data files
>> > from
>> > primary will replicate everywhere) and the others as non-authoritative.
>> >
>> >
>> > [3] For Active Directory Domain Controllers that host DFS alternates or
>> > other replica sets with replication enabled:
>> >
>> > (3-a) If the Dfs alternates on this DC do not have any other
>> > replication
>> > partners then copy the data under that Dfs share to a safe location.
>> > (3-b) If this server is the only Active Directory Domain Controller for
>> > this domain then, before going to (3-c), make sure this server does
>> > not
>> > have
>> > any inbound or outbound connections to other servers that were formerly
>> > Domain Controllers for this domain but are now off the net (and will
>> > never
>> > be
>> > coming back online) or have been fresh installed without being demoted.
>> > To
>> > delete connections use the Sites and Services snapin and look for
>> > Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS
>> > Settings->CONNECTIONS.
>> > (3-c) Restore the "system state" of this DC from backup (using ntbackup
>> > or
>> > other backup-restore utility) and make it non-authoritative.
>> > (3-d) Copy the data from step (3-a) above to the original location
>> > after
>> > the sysvol share is published.
>> >
>> >
>> > [4] For other Windows servers:
>> >
>> > (4-a) If any of the DFS alternates or other replica sets hosted by
>> > this
>> > server do not have any other replication partners then copy the data
>> > under
>> > its share or replica tree root to a safe location.
>> > (4-b) net stop ntfrs
>> > (4-c) rd /s /q c:\windows\ntfrs\jet
>> > (4-d) net start ntfrs
>> > (4-e) Copy the data from step (4-a) above to the original location
>> > after
>> > the service has initialized (5 minutes is a safe waiting time).
>> >
>> > Note: If this error message is in the eventlog of all the members of a
>> > particular replica set then perform steps (4-a) and (4-e) above on only
>> > one
>> > of the members.
>> >
>> > For more information, see Help and Support Center at
>> > http://go.microsoft.com/fwlink/events.asp.
>> >
>> >
>> > Event ID: 13552
>> >
>> > The File Replication Service is unable to add this computer to the
>> > following
>> > replica set:
>> > "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
>> >
>> > This could be caused by a number of problems such as:
>> > -- an invalid root path,
>> > -- a missing directory,
>> > -- a missing disk volume,
>> > -- a file system on the volume that does not support NTFS 5.0
>> >
>> > The information below may help to resolve the problem:
>> > Computer DNS name is "mcgcpdc.co.mchenry.il.us"
>> > Replica set member name is "MCGCPDC"
>> > Replica set root path is "c:\windows\sysvol\domain"
>> > Replica staging directory path is "c:\windows\sysvol\staging\domain"
>> > Replica working directory path is "c:\windows\ntfrs\jet"
>> > Windows error status code is
>> > FRS error status code is FrsErrorMismatchedJournalId
>> >
>> > Other event log messages may also help determine the problem. Correct
>> > the
>> > problem and the service will attempt to restart replication
>> > automatically
>> > at
>> > a later time.
>> >
>> > For more information, see Help and Support Center at
>>
>>
>>

Top

Re: Receiving a File Replication Service error on 2 DC's. by EricGuzman

EricGuzman
Thu Mar 27 06:29:03 PDT 2008

thanks Jorge and it's an interesting blog and very helpful, but you didn't
answer my question. Would building the 2 new domain controllers from scratch
and joining the domain and moving all services to these 2 domian controllers
and then decomissioning the old domain controllers fix the file replication
issues?

"Jorge de Almeida Pinto [MVP - DS]" wrote:

> USN rollback occur both in AD and the SYSVOL when restoring images of DCs...
>
> see:
> http://blogs.dirteam.com/blogs/jorge/archive/2006/03/08/597.aspx
>
> --
>
> Cheers,
> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>
> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>
> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
> ------------------------------------------------------------------------------------------
> * How to ask a question --> http://support.microsoft.com/?id=555375
> ------------------------------------------------------------------------------------------
> * This posting is provided "AS IS" with no warranties and confers no rights!
> * Always test before implementing!
> ------------------------------------------------------------------------------------------
> #################################################
> #################################################
> ------------------------------------------------------------------------------------------
> "Eric Guzman" <EricGuzman@discussions.microsoft.com> wrote in message
> news:256396F4-AF66-4AF3-8DEE-94E88D8276A2@microsoft.com...
> >I will actually be building 2 new domain controllers and moving all FMSO
> > roles, DNS, WINS, and DHCP off all the current domain controllers and
> > eventually decomission them and only having the 2 new Domain Controllers.
> > Do
> > you think this will resolve my issues?
> >
> > "Paul Bergson [MVP-DS]" wrote:
> >
> >> I'm going to guess this occurred from doing a clone of your dc's, this is
> >> not supported and can create issues with replication (NTDS), which is
> >> what
> >> it sounds like you are experiencing (There are ways to make this work but
> >> you have to shut off replication). Odd thing is I have only heard of
> >> this
> >> happening against NTDS not NTFRS, so I can't tell you this is what caused
> >> the issue, never the less read the following article on the fallout from
> >> such an approach.
> >> http://support.microsoft.com/?id=875495
> >>
> >> I would recommend by starting with a non-authoritative restore of your
> >> sysvol. I would start by making sure the DC you perform this on is
> >> treated
> >> as the authoritative one and set the burflg setting to D4.
> >>
> >> See:
> >> http://support.microsoft.com/kb/315457/
> >>
> >>
> >>
> >> --
> >> Paul Bergson
> >> MVP - Directory Services
> >> MCT, MCSE, MCSA, Security+, BS CSci
> >> 2008, 2003, 2000 (Early Achiever), NT4
> >>
> >> http://www.pbbergs.com
> >>
> >> Please no e-mails, any questions should be posted in the NewsGroup
> >> This posting is provided "AS IS" with no warranties, and confers no
> >> rights.
> >>
> >> "Eric Guzman" <Eric Guzman@discussions.microsoft.com> wrote in message
> >> news:75CD313D-F26A-487F-9879-39A5872C7ED0@microsoft.com...
> >> > The 2 domain controllers receive Event ID's 13555 and 13552 every day a
> >> > couple of times. Restarting the services did not fix the issue. All
> >> > domain
> >> > controllers are running Windows 2003 Standard sp1. These servers were
> >> > cloned
> >> > about 5 months ago on new hardware and that's when the problem started.
> >> > We
> >> > will be applying service pack 2 later today in hopes of fixing the
> >> > issue.
> >> > I
> >> > would like other alternatives to try and remedy the problem instead of
> >> > what
> >> > the logs say.
> >> >
> >> > Event ID 13555
> >> >
> >> > The File Replication Service is in an error state. Files will not
> >> > replicate
> >> > to or from one or all of the replica sets on this computer until the
> >> > following recovery steps are performed:
> >> >
> >> > Recovery Steps:
> >> >
> >> > [1] The error state may clear itself if you stop and restart the FRS
> >> > service. This can be done by performing the following in a command
> >> > window:
> >> >
> >> > net stop ntfrs
> >> > net start ntfrs
> >> >
> >> > If this fails to clear up the problem then proceed as follows.
> >> >
> >> > [2] For Active Directory Domain Controllers that DO NOT host any DFS
> >> > alternates or other replica sets with replication enabled:
> >> >
> >> > If there is at least one other Domain Controller in this domain then
> >> > restore
> >> > the "system state" of this DC from backup (using ntbackup or other
> >> > backup-restore utility) and make it non-authoritative.
> >> >
> >> > If there are NO other Domain Controllers in this domain then restore
> >> > the
> >> > "system state" of this DC from backup (using ntbackup or other
> >> > backup-restore
> >> > utility) and choose the Advanced option which marks the sysvols as
> >> > primary.
> >> >
> >> > If there are other Domain Controllers in this domain but ALL of them
> >> > have
> >> > this event log message then restore one of them as primary (data files
> >> > from
> >> > primary will replicate everywhere) and the others as non-authoritative.
> >> >
> >> >
> >> > [3] For Active Directory Domain Controllers that host DFS alternates or
> >> > other replica sets with replication enabled:
> >> >
> >> > (3-a) If the Dfs alternates on this DC do not have any other
> >> > replication
> >> > partners then copy the data under that Dfs share to a safe location.
> >> > (3-b) If this server is the only Active Directory Domain Controller for
> >> > this domain then, before going to (3-c), make sure this server does
> >> > not
> >> > have
> >> > any inbound or outbound connections to other servers that were formerly
> >> > Domain Controllers for this domain but are now off the net (and will
> >> > never
> >> > be
> >> > coming back online) or have been fresh installed without being demoted.
> >> > To
> >> > delete connections use the Sites and Services snapin and look for
> >> > Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS
> >> > Settings->CONNECTIONS.
> >> > (3-c) Restore the "system state" of this DC from backup (using ntbackup
> >> > or
> >> > other backup-restore utility) and make it non-authoritative.
> >> > (3-d) Copy the data from step (3-a) above to the original location
> >> > after
> >> > the sysvol share is published.
> >> >
> >> >
> >> > [4] For other Windows servers:
> >> >
> >> > (4-a) If any of the DFS alternates or other replica sets hosted by
> >> > this
> >> > server do not have any other replication partners then copy the data
> >> > under
> >> > its share or replica tree root to a safe location.
> >> > (4-b) net stop ntfrs
> >> > (4-c) rd /s /q c:\windows\ntfrs\jet
> >> > (4-d) net start ntfrs
> >> > (4-e) Copy the data from step (4-a) above to the original location
> >> > after
> >> > the service has initialized (5 minutes is a safe waiting time).
> >> >
> >> > Note: If this error message is in the eventlog of all the members of a
> >> > particular replica set then perform steps (4-a) and (4-e) above on only
> >> > one
> >> > of the members.
> >> >
> >> > For more information, see Help and Support Center at
> >> > http://go.microsoft.com/fwlink/events.asp.
> >> >
> >> >
> >> > Event ID: 13552
> >> >
> >> > The File Replication Service is unable to add this computer to the
> >> > following
> >> > replica set:
> >> > "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
> >> >
> >> > This could be caused by a number of problems such as:
> >> > -- an invalid root path,
> >> > -- a missing directory,
> >> > -- a missing disk volume,
> >> > -- a file system on the volume that does not support NTFS 5.0
> >> >
> >> > The information below may help to resolve the problem:
> >> > Computer DNS name is "mcgcpdc.co.mchenry.il.us"
> >> > Replica set member name is "MCGCPDC"
> >> > Replica set root path is "c:\windows\sysvol\domain"
> >> > Replica staging directory path is "c:\windows\sysvol\staging\domain"
> >> > Replica working directory path is "c:\windows\ntfrs\jet"
> >> > Windows error status code is
> >> > FRS error status code is FrsErrorMismatchedJournalId
> >> >
> >> > Other event log messages may also help determine the problem. Correct
> >> > the
> >> > problem and the service will attempt to restart replication
> >> > automatically
> >> > at
> >> > a later time.
> >> >
> >> > For more information, see Help and Support Center at
> >>
> >>
> >>
>
>
Top

Re: Receiving a File Replication Service error on 2 DC's. by Paul

Paul
Thu Mar 27 06:41:15 PDT 2008

I must have missed something Jorge, I couldn't find anything although it
does make sense that this is what happened.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2008, 2003, 2000 (Early Achiever), NT4

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Jorge de Almeida Pinto [MVP - DS]"
<SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote in message
news:ugiF3xAkIHA.4196@TK2MSFTNGP04.phx.gbl...
> USN rollback occur both in AD and the SYSVOL when restoring images of
> DCs...
>
> see:
> http://blogs.dirteam.com/blogs/jorge/archive/2006/03/08/597.aspx
>
> --
>
> Cheers,
> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>
> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>
> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
> ------------------------------------------------------------------------------------------
> * How to ask a question --> http://support.microsoft.com/?id=555375
> ------------------------------------------------------------------------------------------
> * This posting is provided "AS IS" with no warranties and confers no
> rights!
> * Always test before implementing!
> ------------------------------------------------------------------------------------------
> #################################################
> #################################################
> ------------------------------------------------------------------------------------------
> "Eric Guzman" <EricGuzman@discussions.microsoft.com> wrote in message
> news:256396F4-AF66-4AF3-8DEE-94E88D8276A2@microsoft.com...
>>I will actually be building 2 new domain controllers and moving all FMSO
>> roles, DNS, WINS, and DHCP off all the current domain controllers and
>> eventually decomission them and only having the 2 new Domain Controllers.
>> Do
>> you think this will resolve my issues?
>>
>> "Paul Bergson [MVP-DS]" wrote:
>>
>>> I'm going to guess this occurred from doing a clone of your dc's, this
>>> is
>>> not supported and can create issues with replication (NTDS), which is
>>> what
>>> it sounds like you are experiencing (There are ways to make this work
>>> but
>>> you have to shut off replication). Odd thing is I have only heard of
>>> this
>>> happening against NTDS not NTFRS, so I can't tell you this is what
>>> caused
>>> the issue, never the less read the following article on the fallout from
>>> such an approach.
>>> http://support.microsoft.com/?id=875495
>>>
>>> I would recommend by starting with a non-authoritative restore of your
>>> sysvol. I would start by making sure the DC you perform this on is
>>> treated
>>> as the authoritative one and set the burflg setting to D4.
>>>
>>> See:
>>> http://support.microsoft.com/kb/315457/
>>>
>>>
>>>
>>> --
>>> Paul Bergson
>>> MVP - Directory Services
>>> MCT, MCSE, MCSA, Security+, BS CSci
>>> 2008, 2003, 2000 (Early Achiever), NT4
>>>
>>> http://www.pbbergs.com
>>>
>>> Please no e-mails, any questions should be posted in the NewsGroup
>>> This posting is provided "AS IS" with no warranties, and confers no
>>> rights.
>>>
>>> "Eric Guzman" <Eric Guzman@discussions.microsoft.com> wrote in message
>>> news:75CD313D-F26A-487F-9879-39A5872C7ED0@microsoft.com...
>>> > The 2 domain controllers receive Event ID's 13555 and 13552 every day
>>> > a
>>> > couple of times. Restarting the services did not fix the issue. All
>>> > domain
>>> > controllers are running Windows 2003 Standard sp1. These servers were
>>> > cloned
>>> > about 5 months ago on new hardware and that's when the problem
>>> > started.
>>> > We
>>> > will be applying service pack 2 later today in hopes of fixing the
>>> > issue.
>>> > I
>>> > would like other alternatives to try and remedy the problem instead of
>>> > what
>>> > the logs say.
>>> >
>>> > Event ID 13555
>>> >
>>> > The File Replication Service is in an error state. Files will not
>>> > replicate
>>> > to or from one or all of the replica sets on this computer until the
>>> > following recovery steps are performed:
>>> >
>>> > Recovery Steps:
>>> >
>>> > [1] The error state may clear itself if you stop and restart the FRS
>>> > service. This can be done by performing the following in a command
>>> > window:
>>> >
>>> > net stop ntfrs
>>> > net start ntfrs
>>> >
>>> > If this fails to clear up the problem then proceed as follows.
>>> >
>>> > [2] For Active Directory Domain Controllers that DO NOT host any DFS
>>> > alternates or other replica sets with replication enabled:
>>> >
>>> > If there is at least one other Domain Controller in this domain then
>>> > restore
>>> > the "system state" of this DC from backup (using ntbackup or other
>>> > backup-restore utility) and make it non-authoritative.
>>> >
>>> > If there are NO other Domain Controllers in this domain then restore
>>> > the
>>> > "system state" of this DC from backup (using ntbackup or other
>>> > backup-restore
>>> > utility) and choose the Advanced option which marks the sysvols as
>>> > primary.
>>> >
>>> > If there are other Domain Controllers in this domain but ALL of them
>>> > have
>>> > this event log message then restore one of them as primary (data files
>>> > from
>>> > primary will replicate everywhere) and the others as
>>> > non-authoritative.
>>> >
>>> >
>>> > [3] For Active Directory Domain Controllers that host DFS alternates
>>> > or
>>> > other replica sets with replication enabled:
>>> >
>>> > (3-a) If the Dfs alternates on this DC do not have any other
>>> > replication
>>> > partners then copy the data under that Dfs share to a safe location.
>>> > (3-b) If this server is the only Active Directory Domain Controller
>>> > for
>>> > this domain then, before going to (3-c), make sure this server does
>>> > not
>>> > have
>>> > any inbound or outbound connections to other servers that were
>>> > formerly
>>> > Domain Controllers for this domain but are now off the net (and will
>>> > never
>>> > be
>>> > coming back online) or have been fresh installed without being
>>> > demoted. To
>>> > delete connections use the Sites and Services snapin and look for
>>> > Sites->NAME_OF_SITE->Servers->NAME_OF_SERVER->NTDS
>>> > Settings->CONNECTIONS.
>>> > (3-c) Restore the "system state" of this DC from backup (using
>>> > ntbackup or
>>> > other backup-restore utility) and make it non-authoritative.
>>> > (3-d) Copy the data from step (3-a) above to the original location
>>> > after
>>> > the sysvol share is published.
>>> >
>>> >
>>> > [4] For other Windows servers:
>>> >
>>> > (4-a) If any of the DFS alternates or other replica sets hosted by
>>> > this
>>> > server do not have any other replication partners then copy the data
>>> > under
>>> > its share or replica tree root to a safe location.
>>> > (4-b) net stop ntfrs
>>> > (4-c) rd /s /q c:\windows\ntfrs\jet
>>> > (4-d) net start ntfrs
>>> > (4-e) Copy the data from step (4-a) above to the original location
>>> > after
>>> > the service has initialized (5 minutes is a safe waiting time).
>>> >
>>> > Note: If this error message is in the eventlog of all the members of a
>>> > particular replica set then perform steps (4-a) and (4-e) above on
>>> > only
>>> > one
>>> > of the members.
>>> >
>>> > For more information, see Help and Support Center at
>>> > http://go.microsoft.com/fwlink/events.asp.
>>> >
>>> >
>>> > Event ID: 13552
>>> >
>>> > The File Replication Service is unable to add this computer to the
>>> > following
>>> > replica set:
>>> > "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
>>> >
>>> > This could be caused by a number of problems such as:
>>> > -- an invalid root path,
>>> > -- a missing directory,
>>> > -- a missing disk volume,
>>> > -- a file system on the volume that does not support NTFS 5.0
>>> >
>>> > The information below may help to resolve the problem:
>>> > Computer DNS name is "mcgcpdc.co.mchenry.il.us"
>>> > Replica set member name is "MCGCPDC"
>>> > Replica set root path is "c:\windows\sysvol\domain"
>>> > Replica staging directory path is "c:\windows\sysvol\staging\domain"
>>> > Replica working directory path is "c:\windows\ntfrs\jet"
>>> > Windows error status code is
>>> > FRS error status code is FrsErrorMismatchedJournalId
>>> >
>>> > Other event log messages may also help determine the problem. Correct
>>> > the
>>> > problem and the service will attempt to restart replication
>>> > automatically
>>> > at
>>> > a later time.
>>> >
>>> > For more information, see Help and Support Center at
>>>
>>>
>>>
>


Top

Re: Receiving a File Replication Service error on 2 DC's. by Jorge

Jorge
Thu Mar 27 06:43:08 PDT 2008

detection of USN rollbacks is difficult to troubleshoot and in time you
might not notice using the method that is shown in my article although
inconsistencies exist.
Normally you would only need to DEMOTE the DCs that have experienced the USN
rollback. Again USN rollback are caused by restoring an OLD image of a
certain DC. In that case following the KBs mentioned in my post is the
solution.

To understand WHAT can/needs to be done, it is very important to understand
WHAT happened in the past.
So...

>> >> > controllers are running Windows 2003 Standard sp1. These servers
>> >> > were
>> >> > cloned
>> >> > about 5 months ago on new hardware and that's when the problem
>> >> > started.

Explain in DETAIL what happened here. Don't make assumption about me knowing
stuff or not, just mention everything relevant!
For example: what do you mean with "these servers were cloned"

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Windows Server - Directory Services

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* How to ask a question --> http://support.microsoft.com/?id=555375
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Eric Guzman" <EricGuzman@discussions.microsoft.com> wrote in message
news:94E1DBDC-D2BC-46CD-83A9-67220DFBC6E8@microsoft.com...
> thanks Jorge and it's an interesting blog and very helpful, but you didn't
> answer my question. Would building the 2 new domain controllers from
> scratch
> and joining the domain and moving all services to these 2 domian
> controllers
> and then decomissioning the old domain controllers fix the file
> replication
> issues?
>
> "Jorge de Almeida Pinto [MVP - DS]" wrote:
>
>> USN rollback occur both in AD and the SYSVOL when restoring images of
>> DCs...
>>
>> see:
>> http://blogs.dirteam.com/blogs/jorge/archive/2006/03/08/597.aspx
>>
>> --
>>
>> Cheers,
>> (HOPEFULLY THIS INFORMATION HELPS YOU!)
>>
>> # Jorge de Almeida Pinto # MVP Windows Server - Directory Services
>>
>> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
>> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
>> ------------------------------------------------------------------------------------------
>> * How to ask a question --> http://support.microsoft.com/?id=555375
>> ------------------------------------------------------------------------------------------
>> * This posting is provided "AS IS" with no warranties and confers no
>> rights!
>> * Always test before implementing!
>> ------------------------------------------------------------------------------------------
>> #################################################
>> #################################################
>> ------------------------------------------------------------------------------------------
>> "Eric Guzman" <EricGuzman@discussions.microsoft.com> wrote in message
>> news:256396F4-AF66-4AF3-8DEE-94E88D8276A2@microsoft.com...
>> >I will actually be building 2 new domain controllers and moving all FMSO
>> > roles, DNS, WINS, and DHCP off all the current domain controllers and
>> > eventually decomission them and only having the 2 new Domain
>> > Controllers.
>> > Do
>> > you think this will resolve my issues?
>> >
>> > "Paul Bergson [MVP-DS]" wrote:
>> >
>> >> I'm going to guess this occurred from doing a clone of your dc's, this
>> >> is
>> >> not supported and can create issues with replication (NTDS), which is
>> >> what
>> >> it sounds like you are experiencing (There are ways to make this work
>> >> but
>> >> you have to shut off replication). Odd thing is I have only heard of
>> >> this
>> >> happening against NTDS not NTFRS, so I can't tell you this is what
>> >> caused
>> >> the issue, never the less read the following article on the fallout
>> >> from
>> >> such an approach.
>> >> http://support.microsoft.com/?id=875495
>> >>
>> >> I would recommend by starting with a non-authoritative restore of your
>> >> sysvol. I would start by making sure the DC you perform this on is
>> >> treated
>> >> as the authoritative one and set the burflg setting to D4.
>> >>
>> >> See:
>> >> http://support.microsoft.com/kb/315457/
>> >>
>> >>
>> >>
>> >> --
>> >> Paul Bergson
>> >> MVP - Directory Services
>> >> MCT, MCSE, MCSA, Security+, BS CSci
>> >> 2008, 2003, 2000 (Early Achiever), NT4
>> >>
>> >> http://www.pbbergs.com
>> >>
>> >> Please no e-mails, any questions should be posted in the NewsGroup
>> >> This posting is provided "AS IS" with no warranties, and confers no
>> >> rights.
>> >>
>> >> "Eric Guzman" <Eric Guzman@discussions.microsoft.com> wrote in message
>> >> news:75CD313D-F26A-487F-9879-39A5872C7ED0@microsoft.com...
>> >> > The 2 domain controllers receive Event ID's 13555 and 13552 every
>> >> > day a
>> >> > couple of times. Restarting the services did not fix the issue.
>> >> > All
>> >> > domain
>> >> > controllers are running Windows 2003 Standard sp1. These servers
>> >> > were
>> >> > cloned
>> >> > about 5 months ago on new hardware and that's when the problem
>> >> > started.
>> >> > We
>> >> > will be applying service pack 2 later today in hopes of fixing the
>> >> > issue.
>> >> > I
>> >> > would like other alternatives to try and remedy the problem instead
>> >> > of
>> >> > what
>> >> > the logs say.
>> >> >
>> >> > Event ID 13555
>> >> >
>> >> > The File Replication Service is in an error state. Files will not
>> >> > replicate
>> >> > to or from one or all of the replica sets on this computer until the
>> >> > following recovery steps are performed:
>> >> >
>> >> > Recovery Steps:
>> >> >
>> >> > [1] The error state may clear itself if you stop and restart the FRS
>> >> > service. This can be done by performing the following in a command
>> >> > window:
>> >> >
>> >> > net stop ntfrs
>> >> > net start ntfrs
>> >> >
>> >> > If this fails to clear up the problem then proceed as follows.
>> >> >
>> >> > [2] For Active Directory Domain Controllers that DO NOT host any DFS
>> >> > alternates or other replica sets with replication enabled:
>> >> >
>> >> > If there is at least one other Domain Controller in this domain then
>> >> > restore
>> >> > the "system state" of this DC from backup (using ntbackup or other
>> >> > backup-restore utility) and make it non-authoritative.
>> >> >
>> >> > If there are NO other Domain Controllers in this domain then restore
>> >> > the
>> >> > "system state" of this DC from backup (using ntbackup or other
>> >> > backup-restore
>> >> > utility) and choose the Advanced option which marks the sysvols as
>> >> > primary.
>> >> >
>> >> > If there are other Domain Controllers in this domain but ALL of them
>> >> > have
>> >> > this event log message then restore one of them as primary (data
>> >> > files
>> >> > from
>> >> > primary will replicate everywhere) and the others as
>> >> > non-authoritative.
>> >> >
>> >> >
>> >> > [3] For Active Directory Domain Controllers that host DFS alternates
>> >> > or
>> >> > other replica sets with replication enabled:
>> >> >
>> >> > (3-a) If the Dfs alternates on this DC do not have any other
>> >> > replication
>> >> > partners then copy the data under that Dfs share to a safe location.
>> >> > (3-b) If this server is the only Acti