域时间同步
同步时间至域控服务器是确保整个网络系统时间一致的重要步骤。下面将介绍如何进行时间同步。
一、使用域控服务器作为时间服务器
登录域控服务器,确保具有管理员权限。
打开命令提示符界面,输入以下命令:w32tm /config /syncfromflags:domhier /reliable:yes /update
这个命令将指示域控服务器从其上一层的时间服务器同步时间,并设置为可靠同步。
继续输入以下命令:net stop w32time && net start w32time
windows 2016新建额外域控没有netlogon和SYSVOL共享
公司新建域辅助域控,就新建了一台额外域控,但是该域控建好后发现组策略不生效,检查sysvol文件夹一片空白,肯定是没有从主域控复制过来,使用dcdiag检查,有下面报错
发现是没有netlogon和sysvol共享,通过微软知识库查询到问题,(先从正常的域控C:\Windows下复制文件夹SYSVOL到故障域控上S)需要更改注册表HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters中的SysvolReady键值更改为1。
域控制器上的 SYSVOL 复制失败并显示 DFSR 错误 4612
症状
受影响的 DC 在 net share 命令中没有列出 SYSVOL 或 NETLOGON 共享。
受影响 DC 上的 DFS 复制事件日志包含 DFSR 错误 4612 和 5008。两个错误中指示的合作伙伴服务器是不再可用的 DC。
Error 4612:
The DFS Replication service initialized SYSVOL at local path [path] and is waiting to perform initial replication. The replicated folder will remain in the initial synchronization state until it has replicated with its partner [partner]. If the server was in the process of being promoted to a domain controller, the domain controller will not advertise and function as a domain controller until this issue is resolved. This can occur if the specified partner is also in the initial synchronization state, or if sharing violations are encountered on this server or the sync partner. If this event occurred during the migration of SYSVOL from File Replication service (FRS) to DFS Replication, changes will not replicate out until this issue is resolved. This can cause the SYSVOL folder on this server to become out of sync with other domain controllers.
域常用命令
1、同步所有域控 repadmin /syncall
2、查看当前域同步状态 repadmin /showrepl *
3、查看指定DC的同步状态 repadmin /showrepl DC4
3、域控中 DNS测试 DCDiag /test:dns
4、显示域控制器之间复制数量和状态 repadmin /replsummary