- If you have a domain that has ever been at a Windows Server 2003 Domain Functional Level or prior, then you have used FRS for SYSVOL replication. This would be the vast majority of domains being used today.
- Migrating from FRS to DFSR for SYSVOL replication is not automatic, regardless of whether you upgrade your Domain Controllers or raise your Functional Levels.
- FRS is antiquated and unreliable for replication.
- If you haven't migrated, FRS is replicating your NETLOGON share (usually filled with login scripts and other miscellaneous items) and all your Group Policy Objects.
I apologize for the ridiculous font and size, but I'm afraid that most people don't understand the necessity in migrating from FRS to DFSR because they don't really understand what is contained within the SYSVOL. Most will know it sounds familiar, but don't realize that NETLOGON and all their GPOs are contained within this folder. I don't put cheap gas in my Ferrari *cough* Kia. Okay...usually I do, but I don't want FRS replicating stuff in my Active Directory that is so critical.
So please just check and see if you are still on FRS, or have migrated to DFSR.
Note: If you aren't running at least Windows Server 2008 Domain Functional Level, then you are definitely using FRS.
- On a Domain Controller, Open PowerShell and run "get-addomain|fl Name,DomainMode"
- You are looking for Windows2008Domain or higher
- Next, run "netdom query fsmo" to find your PDC Emulator.
- On the PDC Emulator DC, run dfsrmig /getglobalstate and dfsrmig /getmigrationstate
- If you have been migrated, you are looking for a global state of Eliminated
- If you see a message that the DFSR migration has not initialized, or get global states of Start, Prepared, or Redirected, then you definitely have some work to do.
I highly recommend these two articles as excellent sources of FRS to DFSR migration information.
No comments:
Post a Comment