Ask the Community
Groups
Unable to manage Active Directory for a recently restored Domain Controller - Connect IT Community | Kaseya
<main> <article class="userContent"> <h2 data-id="issue"><strong>ISSUE</strong></h2> <p>You've recently restored an Active Directory domain controller either via WinIR, VMIR or straight restore via host-based or file-based backup.<br><br>Upon opening any Active Directory management tools such as Users and Computers (ADUC) and Group Policy Management Console (GPMC), you're presented with the following error: "The specified domain either does not exist or could not be contacted."<br><br><img alt="User-added image" src="https://us.v-cdn.net/6032361/uploads/migrated/OQKY0DRK3X5V/eid-ka03r0000015ahw-feoid-00n40000002yvfa-refid-0em40000000qqwa." class="embedImage-img importedEmbed-img"></img><br><br>Or, the error message may be "There are currently no logon servers available to service the logon request."</p> <h2 data-id="resolution"><strong>RESOLUTION</strong></h2> <p>After restoring a domain controller, login and confirm that the SYSVOL share is present. The command to do this is `net share | findstr /b SYSVOL`.<br>If the SYSVOL share is not present, then you need to perform a series of steps (below) to make it available again, including your group policy objects and scripts. </p> <ol><li>Log into the domain controller</li> <li>Open File Explorer and navigate to C:\Windows\SYSVOL\domain\</li> <li>Follow the link for your domain</li> <li>Enter folder “NtFrs_PreExisting__See_EventLog”</li> <li>Copy the content to a new folder on the desktop</li> <li>Open the Registry Editor and navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters</li> <li>Set SysVolReady to 0</li> <li>In the Registry Editor, navigate to HKLM\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup</li> <li>Set BurFlags to D4</li> <li>Open services.msc</li> <li>Restart the “File Replication” service</li> <li>Copy the data from the new folder (see step #5) back to the folder for your domain location under C:\Windows\SYSVOL\domain\</li> <li>In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters</li> <li>Set SysVolReady to 1</li> <li>[Optional] Reboot</li> </ol><h2 data-id="cause"><strong>CAUSE</strong></h2> <p>There can be many causes for this particular condition. In most cases, the domain services did not come up in the proper order on the affected domain controller.<br><br>Please keep in mind that restoring a domain controller is not recommended unless you have no other domain controllers in your environment. The majority of situations that we've seen this particular issue in is where a domain controller is spun up in a DR environment.</p> <h2 data-id="notes"><strong>NOTES</strong></h2> <p><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Fhelp%2F290762%2Fusing-the-burflags-registry-key-to-reinitialize-file-replication-servi">https://support.microsoft.com/en-us/help/290762/using-the-burflags-registry-key-to-reinitialize-file-replication-servi</a><br><a rel="nofollow" href="/home/leaving?allowTrusted=1&target=https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fprevious-versions%2Fwindows%2Fit-pro%2Fwindows-server-2008-R2-and-2008%2Fhh147324%28v%3Dws.10%29">https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/hh147324(v=ws.10)</a></p> </article> </main>