Sunday, August 30, 2009

Active Directory restore using Burf flags

Active directory restore using Burf flags.

I have had to use this various times to do an authoritative restore in AD. You will need to stop netlogon and file replication service on all DC's in the domain and then change the burf flag registry key (see below) on ALL Dc's. To make a DC the PDC you will set it to D2 and ALL other servers will need to be set with D4 before you start the netlogon and file replication server.


%domainname% child domain getting Morphed folders in all domain controllers.

FRS Replication is failing between the domain controllers .


1. ISTG is enabled and most of the domain controllers have manual connection objects
2. connect to all the domain controller on %domainname% one by one removed all connection objects and run repadmin /kcc and recreate the topology
3. removed the _ntfrs folders from the sysvol
4. Stop the ntfrs service on all the domain controllers
5. Locate in the following location in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
Values for the BurFlags registry key
D4, on PDC
D2, on all other domain controllers
Start the ntfrs service
6. Sysvol started to replicate to all domain controller but on two domain controllers it still does not
7. connect to them saw no connection object
8. connect an manual connection object and replicate wait for 5 min removed the connection object and run repadmin /kcc
9. automatic connection object created
10. stopped ntfrs service did d2 and start the service again.
11. Issue resolved
1.  Using the BurFlags registry key to reinitialize File Replication Service replica sets
2.  How to force a non-authoritative restore of the data in the Sysvol folder on a domain controller in Windows 2000 Server and in Windows Server 2003
3.  Troubleshooting journal_wrap errors on Sysvol and DFS replica sets