🖥️
An Investment in Knowledge
  • An Investment in Knowledge
  • Microsoft Windows
    • CMD: Disable Windows 10 Reset
    • CMD: Fix Windows Key Activations
    • CMD: FSMO Role Transfer
    • De-Bloat Windows 10
    • Important Links
    • Microsoft Exchange Server Search Index Rebuild
    • PowerShell: Export Active Directory Group Members
    • Registry: Mapped Drives Don't Appear
    • Robocopy
    • SYSVOL Migration to DFRS
  • Microsoft 365
    • Export Shared Mailbox Permissions
    • Change Microsoft 365 Update Channel
  • Apple MacOS
    • Terminal Commands
  • Linux
  • Raspberry Pi
    • pi-Hole
    • Weather Station
    • Wardriving Kali Linux
    • Raspbian Tweaks
  • Data Privacy Restoration Journey
    • Bitwarden
    • Nextcloud
    • openHAB
Powered by GitBook
On this page
  • State 0: Start
  • State 1: Preparation
  • State 2: Redirected
  • State 3: Eliminated

Was this helpful?

  1. Microsoft Windows

SYSVOL Migration to DFRS

Primarily used to move from a Server 2008(R2) or 2012 environment to a Server 2016/2019 environment.

(1) Verify domain is 2008 or above

(2) Verify there are no replication issues using dcdiag

State 0: Start

dfsrmig /CreateGlobalObjects

Run commands below for each DC for verification:

dfsrdiag pollad /member:SERVERNAME

// replace SERVERNAME with name of server to be polled

Check the migration state of the server

dfsrmig /GetMigrationState

State 1: Preparation

dfsrmig /SetGlobalState 1

Replication can run on just the DFRS Global Settings

repadmin /replsingleobj * SERVERNAME "CN=DFSR-GlobalSettings,
CN=System,DC=NAME,DC=local (or TLD)"

Verify msDFR-Flags 16 is prepared

repadmin /showattr * "CN=DFSR-GlobalSettings,CN=System,DC=NAME,DC=local (or TLD)" 
/atts:msDFSR-Flags

If the above commands do not work, you can manually check using ADSI Edit

Run the command below on each DC to verify

dfsrdiag pollad /member:SERVERNAME

Replicate from the DC, verify there are no errors

repadmin /syncall /SAe SERVERNAME

Check the migration state

dfsrmig /GetMigrationState

NETLOGON and SYSVOL shares should still point to sysvol net share

State 2: Redirected

dfsrmig /SetGlobalState 2

Run replication on just the DFRS Global Settings

repadmin /replsingleobj * SERVERNAME "CN=DFSR-GlobalSettings,CN=System,DC=NAME,
DC=local (or TLD)"

Verfiy msDFR-Flags 32 is redirected

repadmin /showattr * "CN=DFSR-GlobalSettings,CN=System,DC=NAME,DC=local (or TLD)"
/atts:msDFSR-Flags

If the commands above do not work, you can manually check by using ADSI Edit

Run the command below to verify for each DC

dfsrdiag pollad /member:SERVERNAME

Replicate from DC, verify there are no errors

repadmin /syncall /SAe SERVERNAME

Check the migration state

dfsrmig /GetMigrationState

If the above commands do not work, you can manually check using ADSI Edit

State 3: Eliminated

This is irreversible - once you go to State 3, there is no going back!

dfsrmig /SetGlobalState 3

Run the command below for each DC to verify

dfsrdiag pollad /member:SERVERNAME

Replicate from DC, verify there are no errors

repadmin /syncall /SAe SERVERNAME

Check the migration state

dfsrmig /GetMigrationState

NETLOGON and SYSVOL shares should now point to sysvol_dfsr, and the previous sysvol directory should be deleted.

Verify msDFR-Flags 48 is eliminated

repadmin /showattr * "CN=DFSR-GlobalSettings,CN=System,DC=NAME,DC=local (or TLD)" 
/atts:msDFSR-Flags

PreviousRobocopyNextMicrosoft 365

Last updated 5 years ago

Was this helpful?