sysvol and netlogon shared folders missing after a non-authoritative restore

This is an issue I face with a client side and had to spend hours time to sort it out. Thought of sharing my experience with other fellow minded techies.

First let’s have a look into the issue, Client has a non functional Domain controller due to a power failure. Basically Domain controller has lost it’s database and other critical data (Eg: DNS records, wins records..etc)

Even though additional domain controller has been existed FMSO roles has been assigned to the failed domain controller. Moving forward when we reach the site as a solution they have already restored the domain controller with a system state backup, and then move forward restoring the system state backup to the second domain controller as well. This has caused issues to bring both DC’s to a halt.

Looking into the event viewer found out both DC’s couldn’t find a proper DC’s to sync the sysvol contents though both are trying to find a health DC. To make things shorter I’ve tried to set one DC to set as authoritative and not look for another DC to get the sysvol contents by following the kb290762. After that brought the second DC online and set the “BurFlags” value to D2 in the registry path.

(HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup)

Found out after some time both DC’s got the sysvol folder shared without any contents in it. Netlogon folder also not appearing! Another frustration on the way!!

Next step restore the sysvol to alternative location and reterive the contents in the sysvol folder and then copy to one DC’s “C:\Windows\SYSVOL\sysvol\<Domain Name”\” One that complete following instruction been followed,

Stop File Replication Service in that particular DC, change the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

Key: BurFlags

Value: D4(hexadecimal)

Start File Replication Service, after we see the event ID 13516 in FRS event log.

Restart Netlogon service, then the NETLOGON is shared out.

Stop File Replication Service in the other DC, change the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

Key: BurFlags

Value: D2(hexadecimal)

Start File Replication Service, after we see the event ID 13516 in FRS event log.

Once that complete both DC’s has same contents in the sysvol folder and the netlogon has been restarted as well. Confirmed users can authenticate and rest of the applications are working fine Smile

Almost everything is running perfectly but as a precaution requested to take full backup of the DC’s. Time for a beer but again it’s midnight so no way to make that as well Smile

Summary: Above mention effected domain controllers are Windows 2003 R2. But as a thumb rule one thing to keep in mind is AD replication is multi-threaded, multi-master replication engine and it can take time and patient is a virtue.

Following links has been referred during the troubleshooting process,

Dynamic Memory allocation with HYPER-V R2 SP1

It’s been some time Microsoft has released the Windows 2008 R2 SP1 RC (Release Candidate) in that on of the a killer feature is “Dynamic Memory” allocation. So what exactly is Dynamic memory? is it similar to VMware memory overcommit? Dynamic Memory is a way for the hypervisor to over-subscribe the memory resources to virtual machines, not overcommit them.   You can find more information about the term overcommit in here.

It is not a way for virtual machines to use more memory than is in the box.  It is essentially a way for the virtual machines to share the memory resources of the hardware in a more effective way.   It is essentially allowing the Hyper-V platform to dole out resources as virtual machines require, vs. being constrained to fixed resources.

So how does it work? Before jumping in to that question let’s have a quick understanding how it works. First of all there will be certain amount of memory will be allocated to the host PC and this will be not released for the guest PC’s usage. Second using the Microsoft latest HYPER-V drivers (aka enlighten drivers) guest PC’s and host PC’s constantly communicate about the memory requirements. This addition or removal of memory is implemented using the driver enlightened architecture (VSP/VSC/VMBus) of Hyper-V. On the host side, the Virtual Service Provider (VSP) arbitrates the allocation of physical memory resources between the virtual machines running on the host. On the virtual machine side, the Virtual Service Consumer (VSC) collects the information to determine virtual machine’s memory needs and executes necessary operations to add or remove memory.

Dynamic memory

Dynamic memory architecture

In order to be able to dynamically add memory to a virtual machine, Dynamic Memory requires that the virtual machine’s guest operating system include a kernel enlightenment that supports Dynamic Memory.

So what Operating systems will support Dynamic Memory feature?
· Windows Server 2008 R2 Standard Edition SP1*

· Windows Server 2008 R2 Enterprise Edition SP1

· Windows Server 2008 R2 Datacenter Edition SP1

· Windows Server 2008 R2 Web Edition SP1*

· Windows Server 2008 Standard Edition SP2*

· Windows Server 2008 Enterprise Edition SP2

· Windows Server 2008 Datacenter Edition SP2

· Windows Server 2008 Web Edition SP2*

· Windows Server 2003 R2 Standard Edition SP2 or higher*

· Windows Server 2003 R2 Enterprise Edition SP2 or higher

· Windows Server 2003 R2 Datacenter Edition SP2 or higher

· Windows Server 2003 R2 Web Edition SP2 or higher*

· Windows Server 2003 Standard Edition SP2 or higher*

· Windows Server 2003 Enterprise Edition SP2 or higher

· Windows Server 2003 Datacenter Edition SP2 or higher

· Windows Server 2003 Web Edition SP2 or higher*

· Windows® 7 Enterprise Edition

· Windows 7 Ultimate Edition

· Windows Vista® Enterprise Edition SP2

Note: According to Microsoft documentation the Beta release of Service Pack 1 does not support Dynamic Memory for the operating systems marked with an asterisk (*) above. However, support for Dynamic Memory for these operating systems will be added in a future release of SP1

Once you’ve applied the SP1 on a Windows 2008 R2 host and look into the guest machine’s settings page it would be as follows,


As you can see in there are few changes in the memory allocation area.  To enable the dynamic memory feature you need to select the relevant tab and select the minimum and maximum memory for the guest PC.
The Memory Buffer setting specifies the percentage of memory, based on the workload of the virtual machine, that Hyper-V should try to reserve as a buffer.

Where as memory priority will consider about the which VM can get the additional memory in which priority order. If you have several VM’s you can select which VM should get additional memory initially with highest priority and which one should be least priority considered.

Once these features are enabled you can view the memory usage by each VM’s by following methods,

· Using the two new columns available in the Virtual Machines pane of Hyper-V Manager.

· Using the new performance counters included in Service Pack 1 for Windows Server 2008 R2.

Performance Counter


Added Memory

The cumulative amount of memory added to VMs.

Available Memory

The amount of memory left on the node.

Average Pressure

The average pressure on the balancer node.

Memory Add Operations

The total number of add operations.

Memory Remove Operations

The total number of remove operations.

Removed Memory

The cumulative amount of memory removed from VMs.

Performance Counter


Added Memory

The cumulative amount of memory added to VMs.

Available Memory

The amount of memory left on the node.

Average Pressure

The average pressure on the balancer node.

Memory Add Operations

The total number of add operations.

Memory Remove Operations

The total number of remove operations.

Removed Memory

The cumulative amount of memory removed from VMs.

Dynamic memory feature is not something you should keep on enabling for all the VM’s. Certain application may perform poorly under this feature enabled. If you know the exact usage amount of memory by an application or OS then don’t change it to Dynamic which may not give any advantage. As for now top of my mind I can see Exchange and SQL as such applications.

VDI solutions can greatly benefit from this option. So if you’re planning to implement VDI solution this is a killer feature.

As of now Microsoft keep on improving the features offered in the HYPER-V  hyper visor. This is a good news for the customers who are in the stage moving to virtualization and also customers who are in mixed mode.

Public Beta of service pack for windows 2008 r2 and windows 7 is on the way…

dynamic memory allocation, 3-D graphical experience for remote users via Remote FX and preparation for Cloud computing are few of the major promises to come along with it. In an opening-day keynote speech at Microsoft Corp.’s Tech•Ed 2010 North America conference they has release the official note saying public can expect this service pack on end of the July. Stay tune for this and see what experiment you can experience.

I would be more happy to see the Dynamic memory allocation feature which will allow the VPC to dynamically borrow the memory from other VPC’s when they’re under utilized.

Windows server 2008 R2 failover clustering

People who attend to the hands on workshop in the above topic in Tech.Ed 2010 I do hope you found my demonstration is valuable and got something out of it. During that time I’ve demonstrated how simplified process in creating basic cluster scenario in Windows 2008. Entire lab has been carried out in one single laptop and I know patient is a virtue at that time 🙂

During that time I used SatrWind product for the software based iSCSI solution which has been working as charming as it can be. I have been using this product for demos most of the time and really amazed by it’s simplified GUI console. But don’t think this is a simple software, underneath you’ll find some advance features built inside it. I’ve been blogging about this product for several times since I see a growth software based SAN solutions in the market.

So if anyone interested in demonstrating the clustering features in Windows 2008 you can download that slide deck from here. I have to admit I use various resources and slides from the other people as well. So I thank them all for that as well.

So as I always mention do contact me if you’ll need more support to build a affordable SAN solutions.

Which version of HYPER-V should I use?

Normally when you have top many options in the same products it makes too much confusing. Sometime this is given for you to make your life easier but still there are chances it can burden you when you don’t have proper instructions and guidance. Same story goes in HYPER-V as well. Microsoft offer HYPER-V in several editions and knowing which version to purchase or get free depend on what are you going to do with it. Apart from that I wanted to highlight the new command available in HYPER-V configuration in server core edition. “sconfig.cmd” is a graphical command available in the server core to configure server. This is updated with new sets of commands which make HYPER-V managing administrator’s life easier.
Now without further due let me introduce one of the charts available in the Microsoft web site which explains which edition to choose.

Apart from server consolidation some of the other areas where you can use HYPER-V are,

* Test and Development
* Server Consolidation
* Branch Office Consolidation
* Hosted Desktop Virtualization (VDI)

Microsoft free HYPER Visor is good option for testing and R&D. If you are planning to consolidate more than 4 servers in one physical server then moving to Data center version will do huge cost saving to you. More information of these licensing and how to maximize your investment on this HYPER-V can be get on Tech.Ed 2010. Look forward to see ya in there.

SCVMM 2008 R2 documentation update is out!

If you’re using Microsoft HYPER-V  as you main stream virtualization platform then you know SCVMM is the centralized management console to mange several HYPER-V hosts.  Apart from that is have the capability to manage cross different virtualization technology hosts as well (Eg: ESX)

Since SCVMM is a dynamic product which keeps on evolving all the time new updates and hot-to guides appear frequently. Microsoft team recently released some of the documentation updates. You can reach them here. Apart from that one of the best place to hang around and get the latest info would be HYPER-V @ TechNet.

As per my personal view year 2010 –2012 would be the peak time Sri Lankan market would adopt Virtualization. Most of the time Enterprise companies has been in the observation and internal review about virtualization and how to adopt for that. Since virtualization is a vast area ISV’s will have a great opportunity to provide the ideal solutions.



Few IT Solutions for SMB/SME market

Despite of the number of people in a company business perspective SMB and Enterprise have similar requirements request from the Information Technology. They all expect the service continuity, anywhere access and low cost! During this time period every company dream is to get maximum out of the IT investment and still reduce the cost without loosing the functionality. Business continuity is a key factor for survival of any business. Service disruption for few minutes to few days impact can be devastating depend on the business nature. So how can SMB market segment overcome these limitations with fraction of the cost where Enterprise companies invest on?

To make things simple in this article I’ll focus on Microsoft products and the features offered by them. But as usual hints will be provided for the similar feature products as well 🙂

1. Which Operating Systems to invest on by SMB customers – My 2 cents advise goes for SBS 2008 or EBS 2008. There are significant advantages on these operating systems once properly configured and used. Less attention is been given due to the nature of the product names. Small business Server itself is not a product to be taken lightly, the solution is far more complex than the out of the box. If you’re company fallen under SME segment then consider the scale out product like Essential Business Server which can be spanned into 3 physical servers or virtual servers. Again these are Enterprise class ready product which has been limited only be the CALS and not by reducing any FEATURES. (Period)

2. Cost cutting on Hardware and software purchases – Consider HYPER-V for server virtualization. It will be ideal if you can consider few of your legacy applications to run in their own OS environment to make them less conflict with the latest operating system. Believe me Virtualization will be the ideal solution for this.

What ever your next purchase make sure it is 64bit and Virtualization capable. Always make sure you have enough hardware expansion room. (Eg: Buy 2 processor socket system with one physical processor, buy RAM with enough RAM slots.) Make sure your existing hardware can be utilized as Storage systems. There are easy ways to convert your existing servers into cost effective SAN storage and make maximum out of it. Microsoft offering of SAN software will be coming on OEM so you can consider a product like StarWind iSCSI storage. (more information about how-to articles in future)

3. Backup and Protect you data – This is part of your service continuity and availability plan. If you’re going to have HYPER-V as your virtualization option consider how to backup the virtualized environments as well. From Microsoft point of view DPM 2007 (Data Protection Manager) will be the ideal solution to protect your physical and virtual environments. DPM 2010 can be expected around Q2 in year 2010 with lots of new improvements along with desktop backup and offline laptop backup as well.
when it comes to DR solution and high availability options SMB market has been backed away by the pricy hardware devices and software. Thanks for various replication technologies and offline backup options this is becoming reality to SMB market as well. Microsoft is working closely with ISV partners to make sure software solutions exist for data replication with DR sites. As I mention StarWind is a very popular company coming up with these solutions. Best of all these solutions are costing a fraction of price of DAS or Hardware SAN with HBA adapters.

Let me know if anyone interested on these solutions and would be glad to provide more information.