After virtualization of a Domain Controller the domain is in a failed state with these issues:
- The Domain Controllers cannot communicate with any Active Directory services.
- SYSVOL is not shared
- Network profile is public
The fix is to force an authoritative FRS restore on the DC:
Run these commands on the AD server holding the PDC, or on the AD server with the most up-to-date AD information:
- Begin by running this command on all replica AD servers: Net Stop NtFrs
- Regedit: HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup\BurFlags
- Set it to D4
- Net Start NtFrs
- Net Share
If successful:
- SYSVOL share appears
- Network profile is Domain Network
- AD is now connecting
- BurFlags registry value returns to 0
Any replica AD server will need to run a non-authoritative FRS restore:
- Net Stop NtFrs (already run above)
- Regedit: HKLM\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup\BurFlags
- Set it to D2
- Net Start NtFrs
- Net Start NtFrs
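
The same steps as a PowerShell script, covering both the D4 restore on the source DC and the D2 restore on each replica. This is an added example, not part of the original procedure; the parameter names -Mode and -TimeoutSeconds and the 600-second default are assumptions.

```powershell
# Added example: parameter names and the timeout are hypothetical, not from the page.
# Run elevated, with NtFrs already stopped on every other DC before using Authoritative.
param(
    [Parameter(Mandatory = $true)]
    [ValidateSet('Authoritative', 'NonAuthoritative')]
    [string]$Mode,
    [int]$TimeoutSeconds = 600   # assumed wait limit; a large SYSVOL may need more
)
$ErrorActionPreference = 'Stop'

# D4 = authoritative restore (one source DC only), D2 = non-authoritative (each replica).
$flag = if ($Mode -eq 'Authoritative') { 0xD4 } else { 0xD2 }

# The key name "Backup/Restore" contains a forward slash, which the PowerShell
# registry provider treats as a path separator, so go through the .NET registry API.
$subKey = 'SYSTEM\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup'

function Get-BurFlags {
    $k = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($subKey)
    try { $k.GetValue('BurFlags') } finally { $k.Close() }
}

Stop-Service -Name NtFrs -Force

$key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey($subKey, $true)
if ($null -eq $key) { throw "Registry key not found: HKLM\$subKey" }
try {
    $key.SetValue('BurFlags', $flag, [Microsoft.Win32.RegistryValueKind]::DWord)
} finally { $key.Close() }

Start-Service -Name NtFrs

# Poll for the success signs listed above that can be read locally:
# BurFlags back at 0 and SYSVOL present in the "net share" output.
$deadline = (Get-Date).AddSeconds($TimeoutSeconds)
do {
    Start-Sleep -Seconds 10
    $burFlags = Get-BurFlags
    $sysvolShared = [bool](net share | Select-String -Pattern '^SYSVOL\s')
} until (($burFlags -eq 0 -and $sysvolShared) -or (Get-Date) -gt $deadline)

"BurFlags = $burFlags, SYSVOL shared = $sysvolShared"
if (-not ($burFlags -eq 0 -and $sysvolShared)) {
    Write-Warning 'Restore not confirmed; check the File Replication Service event log.'
}
```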