🟠 High   ⏱ 5–30 min  Last verified: 29 May 2026
Affected versions: Windows Server 2022

📖 ~1 min read

Table of contents
  1. Symptom & Impact
  2. Environment & Reproduction
  3. Root Cause Analysis
  4. Quick Triage
  5. Step-by-Step Diagnosis
  6. Solution — Primary Fix
  7. Solution — Alternative Approaches
  8. Verification & Acceptance Criteria
  9. Rollback Plan
  10. Prevention & Hardening
  11. Related Errors & Cross-Refs
  12. References & Further Reading

Symptom & Impact

After promoting a server to DC, SYSVOL and NETLOGON shares are missing. Group Policy processing fails and logons become inconsistent.

Environment & Reproduction

Occurs on Windows Server 2022 build 20348 when DFSR initialization is blocked or AD replication is incomplete.

Get-SmbShare | Where-Object Name -in 'SYSVOL','NETLOGON'
Get-Service DFSR,NTDS,Netlogon
dcdiag /test:sysvolcheck /test:advertising

Root Cause Analysis

DFSR may remain in an uninitialized state due to replication delay, invalid permissions, or migration leftovers from older DCs.

Quick Triage

Confirm DFSR state and initial synchronization readiness.

Get-WinEvent -LogName 'DFS Replication' -MaxEvents 80 | Select TimeCreated,Id,Message
wmic /namespace:\rootmicrosoftdfs path dfsrreplicatedfolderinfo get replicatedfoldername,state

Step-by-Step Diagnosis

Validate replication topology and SYSVOL subscription objects.

repadmin /replsummary
Get-ADObject -LDAPFilter '(objectClass=msDFSR-Subscription)' -SearchBase 'CN=Domain System Volume (SYSVOL share),CN=DFSR-LocalSettings,CN=DC01,OU=Domain Controllers,DC=contoso,DC=local' -Properties *
ntfrsutl ds
Illustrative mockup for windows-server-2022 — terminal_or_powershell
SYSVOL and DFSR checks — Illustrative mockup — Progressive Robot

Solution — Primary Fix

Restart dependency services and force AD/DFSR convergence.

Still having issues? Our IT Solutions & Services team can diagnose and resolve this for you. Get in touch for a free consultation.

Restart-Service DFSR -Force
repadmin /syncall /AdeP
dfsrdiag pollad
Restart-Service Netlogon
net share
Illustrative mockup for windows-server-2022 — event_or_log_viewer
DFSR event evidence during DC promotion — Illustrative mockup — Progressive Robot

Solution — Alternative Approaches

Use authoritative/non-authoritative DFSR restore only if SYSVOL data is corrupted.

dfsrdiag backlog /rgname:'Domain System Volume' /rfname:'SYSVOL Share' /sendingmember:DC1 /receivingmember:DC2
wbadmin start systemstaterecovery -version: -quiet

Verification & Acceptance Criteria

SYSVOL and NETLOGON shares should be present and GPO processing must succeed.

Get-SmbShare | Where-Object Name -in 'SYSVOL','NETLOGON'
gpupdate /force
Get-WinEvent -LogName System -MaxEvents 50 | Where-Object Id -in 5719,1058,1030

Rollback Plan

If service health degrades, revert to pre-change system state backup.

wbadmin get versions
wbadmin start systemstaterecovery -version: -quiet

Prevention & Hardening

Promote DCs in low-change windows and monitor DFSR initialization events.

Get-WinEvent -LogName 'DFS Replication' -FilterXPath '*[System[(EventID=4602 or EventID=4614)]]'
repadmin /replsummary

Commonly linked with DNS SRV registration gaps and replication latency between sites.

Related tutorial: View the step-by-step tutorial for Windows Server 2022.

View all Windows Server 2022 tutorials on the Tutorials Hub →

Browse all common problems & solutions on the Tutorials Hub.

References & Further Reading

Microsoft Learn: SYSVOL DFSR troubleshooting, AD DS promotion checks, and Group Policy dependency guidance.

Need Expert Help?

If you cannot resolve this yourself, our team offers hands-on Server Management, Managed IT Services, and flexible Support Plans. Contact us today — we respond within one business day.