Добрый вечер.
Досталась ситуация с проблемным доменом. В сети сети были 2 КД(физический и виртуальный). Физический сломался - перенесли все роли на виртуальный. Установили новый дополнительный физический КД.Сейчас на него не реплицируются NETLOGON и SYSVOL.
Вот dcdiag c виртуального КД vdc
Directory Server Diagnosis


Performing initial setup:

Trying to find home server...

Home Server = VDC

* Identified AD Forest.
Done gathering initial info.


Doing initial required tests


Testing server: Default-First-Site-Name\VDC

Starting test: Connectivity

......................... VDC passed test Connectivity



Doing primary tests


Testing server: Default-First-Site-Name\VDC

Starting test: Advertising

......................... VDC passed test Advertising

Starting test: FrsEvent

There are warning or error events within the last 24 hours after the

SYSVOL has been shared. Failing SYSVOL replication problems may cause

Group Policy problems.
......................... VDC failed test FrsEvent

Starting test: DFSREvent

......................... VDC passed test DFSREvent

Starting test: SysVolCheck

......................... VDC passed test SysVolCheck

Starting test: KccEvent

......................... VDC passed test KccEvent

Starting test: KnowsOfRoleHolders

......................... VDC passed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... VDC passed test MachineAccount

Starting test: NCSecDesc

Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

Replicating Directory Changes In Filtered Set
access rights for the naming context:

DC=DomainDnsZones,DC=srv,DC=local
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

Replicating Directory Changes In Filtered Set
access rights for the naming context:

DC=ForestDnsZones,DC=srv,DC=local
......................... VDC failed test NCSecDesc

Starting test: NetLogons

......................... VDC passed test NetLogons

Starting test: ObjectsReplicated

......................... VDC passed test ObjectsReplicated

Starting test: Replications

......................... VDC passed test Replications

Starting test: RidManager

......................... VDC passed test RidManager

Starting test: Services

......................... VDC passed test Services

Starting test: SystemLog

......................... VDC passed test SystemLog

Starting test: VerifyReferences

......................... VDC passed test VerifyReferences



Running partition tests on : DomainDnsZones

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... DomainDnsZones passed test

CrossRefValidation


Running partition tests on : ForestDnsZones

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... ForestDnsZones passed test

CrossRefValidation


Running partition tests on : Schema

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation


Running partition tests on : Configuration

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation


Running partition tests on : srv

Starting test: CheckSDRefDom

......................... srv passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... srv passed test CrossRefValidation


Running enterprise tests on : srv.local

Starting test: LocatorCheck

......................... srv.local passed test LocatorCheck

Starting test: Intersite

......................... srv.local passed test Intersite

Вот dcdiag c нового физического КД adc:
Directory Server Diagnosis


Performing initial setup:

Trying to find home server...

Home Server = adc

* Identified AD Forest.
Done gathering initial info.


Doing initial required tests


Testing server: Default-First-Site-Name\ADC

Starting test: Connectivity

......................... ADC passed test Connectivity



Doing primary tests


Testing server: Default-First-Site-Name\ADC

Starting test: Advertising

Warning: DsGetDcName returned information for \\VDC.srv.local, when we

were trying to reach ADC.

SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.

......................... ADC failed test Advertising

Starting test: FrsEvent

There are warning or error events within the last 24 hours after the

SYSVOL has been shared. Failing SYSVOL replication problems may cause

Group Policy problems.
......................... ADC passed test FrsEvent

Starting test: DFSREvent

......................... ADC passed test DFSREvent

Starting test: SysVolCheck

......................... ADC passed test SysVolCheck

Starting test: KccEvent

......................... ADC passed test KccEvent

Starting test: KnowsOfRoleHolders

......................... ADC passed test KnowsOfRoleHolders

Starting test: MachineAccount

......................... ADC passed test MachineAccount

Starting test: NCSecDesc

Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

Replicating Directory Changes In Filtered Set
access rights for the naming context:

DC=ForestDnsZones,DC=srv,DC=local
Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have

Replicating Directory Changes In Filtered Set
access rights for the naming context:

DC=DomainDnsZones,DC=srv,DC=local
......................... ADC failed test NCSecDesc

Starting test: NetLogons

Unable to connect to the NETLOGON share! (\\ADC\netlogon)

[ADC] An net use or LsaPolicy operation failed with error 67,

The network name cannot be found..

......................... ADC failed test NetLogons

Starting test: ObjectsReplicated

......................... ADC passed test ObjectsReplicated

Starting test: Replications

......................... ADC passed test Replications

Starting test: RidManager

......................... ADC passed test RidManager

Starting test: Services

......................... ADC passed test Services

Starting test: SystemLog

......................... ADC passed test SystemLog

Starting test: VerifyReferences

......................... ADC passed test VerifyReferences



Running partition tests on : ForestDnsZones

Starting test: CheckSDRefDom

......................... ForestDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... ForestDnsZones passed test

CrossRefValidation


Running partition tests on : DomainDnsZones

Starting test: CheckSDRefDom

......................... DomainDnsZones passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... DomainDnsZones passed test

CrossRefValidation


Running partition tests on : Schema

Starting test: CheckSDRefDom

......................... Schema passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Schema passed test CrossRefValidation


Running partition tests on : Configuration

Starting test: CheckSDRefDom

......................... Configuration passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... Configuration passed test CrossRefValidation


Running partition tests on : srv

Starting test: CheckSDRefDom

......................... srv passed test CheckSDRefDom

Starting test: CrossRefValidation

......................... srv passed test CrossRefValidation


Running enterprise tests on : srv.local

Starting test: LocatorCheck

......................... srv.local passed test LocatorCheck

Starting test: Intersite

......................... srv.local passed test Intersite

Как поправить репликацию?На новом КД по имени \\adc нет папок SYSVOL и NETLOGON

Вот ntfrsutl ds c виртуального КД vdc
NTFRS CONFIGURATION IN THE DS
SUBSTITUTE DCINFO FOR DC
FRS DomainControllerName: (null)
Computer Name : VDC
Computer DNS Name : VDC.srv.local

BINDING TO THE DS:
ldap_connect : VDC.srv.local
DsBind : VDC.srv.local

NAMING CONTEXTS:
SitesDn : CN=Sites,cn=configuration,dc=srv,dc=local
ServicesDn : CN=Services,cn=configuration,dc=srv,dc=local
DefaultNcDn: DC=srv,DC=local
ComputersDn: CN=Computers,DC=srv,DC=local
DomainCtlDn: OU=Domain Controllers,DC=srv,DC=local
Fqdn : CN=VDC,OU=Domain Controllers,DC=srv,DC=local
Searching : Fqdn

COMPUTER: VDC
DN : cn=vdc,ou=domain controllers,dc=srv,dc=local
Guid : 6da541fc-d3d3-446a-94d2518752d18111
UAC : 0x00082000
Server BL : CN=VDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=srv,DC=local
Settings : cn=ntds settings,cn=vdc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
DNS Name : VDC.srv.local
WhenCreated : 11/2/2011 14:53:57 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/29/2012 0:0:27 Russian Standard Time Russian Daylight Time [-240]

SUBSCRIPTION: NTFRS SUBSCRIPTIONS
DN : cn=ntfrs subscriptions,cn=vdc,ou=domain controllers,dc=srv,dc=local
Guid : b3853068-afc8-4921-b19f7c747d87d009
Working : c:\windows\ntfrs
Actual Working: c:\windows\ntfrs
WhenCreated : 11/2/2011 14:59:25 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 11/2/2011 14:59:25 Russian Standard Time Russian Daylight Time [-240]

SUBSCRIBER: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
DN : cn=domain system volume (sysvol share),cn=ntfrs subscriptions,cn=vdc,ou=domain controllers,dc=srv,dc=local
Guid : dc36ec2a-05c8-4be5-ba9eae8a0366023d
Member Ref: CN=VDC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=srv,DC=local
Root : c:\windows\sysvol\domain
Stage : c:\windows\sysvol\staging\domain
WhenCreated : 11/2/2011 14:59:26 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 11/2/2011 14:59:26 Russian Standard Time Russian Daylight Time [-240]
Subscriber Member Back Links:
cn=vdc,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local

SETTINGS: FILE REPLICATION SERVICE
DN : cn=file replication service,cn=system,dc=srv,dc=local
Guid : 79b3b1c9-c1e7-4b09-a1dc384cafa3ab1c
WhenCreated : 10/3/2008 19:3:11 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 11/2/2011 14:56:5 Russian Standard Time Russian Daylight Time [-240]

SET: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
DN : cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local
Guid : 97c9bc05-314d-49c2-901d782c0f891737
Type : 2
Primary Member: (null)
File Filter : *.tmp, *.bak, ~*
Dir Filter : (null)
FRS Flags : (null)
WhenCreated : 10/3/2008 19:7:2 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 11/2/2011 14:57:20 Russian Standard Time Russian Daylight Time [-240]

MEMBER: VDC
DN : cn=vdc,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local
Guid : 63f612c7-5f18-4d69-ba4f74a17273508f
Server Ref : CN=NTDS Settings,CN=VDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=srv,DC=local
Computer Ref : cn=vdc,ou=domain controllers,dc=srv,dc=local
Cracked Domain : srv.local
Cracked Name : 00000002 SRV\VDC$
Cracked Domain : srv.local
Cracked Name : fffffff4 S-1-5-21-3043092935-3604984800-324652755-3693
Computer's DNS : VDC.srv.local
WhenCreated : 11/2/2011 14:59:25 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 11/2/2011 14:59:25 Russian Standard Time Russian Daylight Time [-240]

CXTION: F1110473-B473-4C5C-9018-BEF79A1F8F6E
DN : cn=f1110473-b473-4c5c-9018-bef79a1f8f6e,cn=ntds settings,cn=vdc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Guid : 21c570eb-dbb3-44be-98763f3418c9dad6
Partner Dn : cn=ntds settings,cn=adc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Partner Rdn : NTDS SETTINGS
Enabled : TRUE
WhenCreated : 8/22/2012 14:11:32 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 9/2/2012 13:34:59 Russian Standard Time Russian Daylight Time [-240]
Options : 0x00000001 [AutoGenCxtion ]
Schedule
Day 1: 111111111111111111111111
Day 2: 111111111111111111111111
Day 3: 111111111111111111111111
Day 4: 111111111111111111111111
Day 5: 111111111111111111111111
Day 6: 111111111111111111111111
Day 7: 111111111111111111111111

MEMBER: ADC
DN : cn=adc,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local
Guid : 23fa7d9c-8764-4463-8bddc668a7ba1140
Server Ref : CN=NTDS Settings,CN=ADC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=srv,DC=local
Computer Ref : cn=adc,ou=domain controllers,dc=srv,dc=local
Cracked Domain : srv.local
Cracked Name : 00000002 SRV\ADC$
Cracked Domain : srv.local
Cracked Name : fffffff4 S-1-5-21-3043092935-3604984800-324652755-4128
Computer's DNS : ADC.srv.local
WhenCreated : 8/22/2012 14:4:29 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:11:34 Russian Standard Time Russian Daylight Time [-240]

CXTION: 9F199448-55C9-4895-AFE5-97A3540AD42C
DN : cn=9f199448-55c9-4895-afe5-97a3540ad42c,cn=ntds settings,cn=adc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Guid : 32c42b95-aa3b-4701-ab4e432aadf9ad38
Partner Dn : cn=ntds settings,cn=vdc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Partner Rdn : NTDS SETTINGS
Enabled : TRUE
WhenCreated : 8/22/2012 14:9:9 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 9/1/2012 12:32:8 Russian Standard Time Russian Daylight Time [-240]
Options : 0x00000001 [AutoGenCxtion ]
Schedule
Day 1: 111111111111111111111111
Day 2: 111111111111111111111111
Day 3: 111111111111111111111111
Day 4: 111111111111111111111111
Day 5: 111111111111111111111111
Day 6: 111111111111111111111111
Day 7: 111111111111111111111111

Вот ntfrsutl ds c нового физического КД adc
NTFRS CONFIGURATION IN THE DS
SUBSTITUTE DCINFO FOR DC
FRS DomainControllerName: (null)
Computer Name : ADC
Computer DNS Name : adc.srv.local

BINDING TO THE DS:
ldap_connect : adc.srv.local
DsBind : adc.srv.local

NAMING CONTEXTS:
SitesDn : CN=Sites,cn=configuration,dc=srv,dc=local
ServicesDn : CN=Services,cn=configuration,dc=srv,dc=local
DefaultNcDn: DC=srv,DC=local
ComputersDn: CN=Computers,DC=srv,DC=local
DomainCtlDn: OU=Domain Controllers,DC=srv,DC=local
Fqdn : CN=ADC,OU=Domain Controllers,DC=srv,DC=local
Searching : Fqdn

COMPUTER: ADC
DN : cn=adc,ou=domain controllers,dc=srv,dc=local
Guid : e9cbd244-c9d4-40ef-955c5fdf4906377e
UAC : 0x00082000
Server BL : CN=ADC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=srv,DC=local
Settings : cn=ntds settings,cn=adc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
DNS Name : ADC.srv.local
WhenCreated : 8/22/2012 12:43:32 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 9/2/2012 13:29:56 Russian Standard Time Russian Daylight Time [-240]

SUBSCRIPTION: NTFRS SUBSCRIPTIONS
DN : cn=ntfrs subscriptions,cn=adc,ou=domain controllers,dc=srv,dc=local
Guid : dcac93e1-93bb-4bcc-9a2e656baeb50cef
Working : c:\windows\ntfrs
Actual Working: c:\windows\ntfrs
WhenCreated : 8/22/2012 14:4:30 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:4:30 Russian Standard Time Russian Daylight Time [-240]

SUBSCRIBER: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
DN : cn=domain system volume (sysvol share),cn=ntfrs subscriptions,cn=adc,ou=domain controllers,dc=srv,dc=local
Guid : 9ce10eaa-711a-4144-abebb65734125250
Member Ref: CN=ADC,CN=Domain System Volume (SYSVOL share),CN=File Replication Service,CN=System,DC=srv,DC=local
Root : c:\windows\sysvol\domain
Stage : c:\windows\sysvol\staging\domain
WhenCreated : 8/22/2012 14:4:30 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:4:30 Russian Standard Time Russian Daylight Time [-240]
Subscriber Member Back Links:
cn=adc,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local

SETTINGS: FILE REPLICATION SERVICE
DN : cn=file replication service,cn=system,dc=srv,dc=local
Guid : 79b3b1c9-c1e7-4b09-a1dc384cafa3ab1c
WhenCreated : 10/3/2008 19:3:11 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:0:57 Russian Standard Time Russian Daylight Time [-240]

SET: DOMAIN SYSTEM VOLUME (SYSVOL SHARE)
DN : cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local
Guid : 97c9bc05-314d-49c2-901d782c0f891737
Type : 2
Primary Member: (null)
File Filter : *.tmp, *.bak, ~*
Dir Filter : (null)
FRS Flags : (null)
WhenCreated : 10/3/2008 19:7:2 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:1:44 Russian Standard Time Russian Daylight Time [-240]

MEMBER: VDC
DN : cn=vdc,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local
Guid : 63f612c7-5f18-4d69-ba4f74a17273508f
Server Ref : CN=NTDS Settings,CN=VDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=srv,DC=local
Computer Ref : cn=vdc,ou=domain controllers,dc=srv,dc=local
Cracked Domain : srv.local
Cracked Name : 00000002 SRV\VDC$
Cracked Domain : srv.local
Cracked Name : fffffff4 S-1-5-21-3043092935-3604984800-324652755-3693
Computer's DNS : VDC.srv.local
WhenCreated : 11/2/2011 14:59:25 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:1:47 Russian Standard Time Russian Daylight Time [-240]

CXTION: F1110473-B473-4C5C-9018-BEF79A1F8F6E
DN : cn=f1110473-b473-4c5c-9018-bef79a1f8f6e,cn=ntds settings,cn=vdc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Guid : 21c570eb-dbb3-44be-98763f3418c9dad6
Partner Dn : cn=ntds settings,cn=adc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Partner Rdn : NTDS SETTINGS
Enabled : TRUE
WhenCreated : 8/22/2012 14:11:32 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 9/2/2012 13:35:14 Russian Standard Time Russian Daylight Time [-240]
Options : 0x00000001 [AutoGenCxtion ]
Schedule
Day 1: 111111111111111111111111
Day 2: 111111111111111111111111
Day 3: 111111111111111111111111
Day 4: 111111111111111111111111
Day 5: 111111111111111111111111
Day 6: 111111111111111111111111
Day 7: 111111111111111111111111

MEMBER: ADC
DN : cn=adc,cn=domain system volume (sysvol share),cn=file replication service,cn=system,dc=srv,dc=local
Guid : 23fa7d9c-8764-4463-8bddc668a7ba1140
Server Ref : CN=NTDS Settings,CN=ADC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=srv,DC=local
Computer Ref : cn=adc,ou=domain controllers,dc=srv,dc=local
Cracked Domain : srv.local
Cracked Name : 00000002 SRV\ADC$
Cracked Domain : srv.local
Cracked Name : fffffff4 S-1-5-21-3043092935-3604984800-324652755-4128
Computer's DNS : ADC.srv.local
WhenCreated : 8/22/2012 14:4:29 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 8/22/2012 14:4:29 Russian Standard Time Russian Daylight Time [-240]

CXTION: 9F199448-55C9-4895-AFE5-97A3540AD42C
DN : cn=9f199448-55c9-4895-afe5-97a3540ad42c,cn=ntds settings,cn=adc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Guid : 32c42b95-aa3b-4701-ab4e432aadf9ad38
Partner Dn : cn=ntds settings,cn=vdc,cn=servers,cn=default-first-site-name,cn=sites,cn=configuration,dc=srv,dc=local
Partner Rdn : NTDS SETTINGS
Enabled : TRUE
WhenCreated : 8/22/2012 14:9:9 Russian Standard Time Russian Daylight Time [-240]
WhenChanged : 9/1/2012 12:0:27 Russian Standard Time Russian Daylight Time [-240]
Options : 0x00000001 [AutoGenCxtion ]
Schedule
Day 1: 111111111111111111111111
Day 2: 111111111111111111111111
Day 3: 111111111111111111111111
Day 4: 111111111111111111111111
Day 5: 111111111111111111111111
Day 6: 111111111111111111111111
Day 7: 111111111111111111111111