This library expounded by MiniTool mainly introduces a kind of Active Directory folder named SYSVOL. It elaborates on its definition, contents, replication technologies, as well as related questions.

What Is SYSVOL?

SYSVOL is a folder located on each domain controller (DC) within the domain. It consists of the domain public files that need to be accessed by clients and kept synced between DCs. The default SYSVOL location is C:\Windows\ SYSVOL.

However, SYSVOL can be moved to another address during the promotion of a domain controller. It is possible but not recommended to migrate SYSVOL after DC promotion as there is potential for error. The SYSVOL folder can be accessed via its share \\domainname.com\sysvol or the local share name on the server \\servername\sysvol.

SYSVOL is the repository for all of the Active Directory (AD) files. It saves all the important items of the AD group policy. Logon scripts and policies are delivered to each domain user via SYSVOL, which stores all of the security-related information of the active directory.

What Does SYSVOL Folder Include?

The SYSVOL folder contains folders, files, and junction points. In essence, SYSVOL takes advantage of Distributed File System (DFS) to share the relevant folders with users and clients.

SYSVOL Replication

The overall purpose of the SYSVOL folder is that it is replicated to all domain controllers throughout the domain. Two replication technologies are applied to replicate the SYSVOL folder, File Replication Service (FRS) and DFS.

In Active Directory, What Does Authorization? – LDAP
In Active Directory, What Does Authorization? – LDAP

In Active Directory, what does authorization? Kerberos, RADIUS, LDAP, TACACS+, or SAML? Do you know what is Active Directory? Answer your questions here!

Read More

File Replication Service

File Replication Service is a multi-master, multi-threaded replication technology. Although FSR still works with Microsoft Windows Server 2008 R2 and later operating systems (OSes), you are not recommended to use it for a better choice – Distributed File System is available.

Let’s see how to keep the SYSVOL synchronized between domain controllers relying on File Replication Service. Active Directory replication is different from SYSVOL replication using FRS or Distributed File System Replication (DFSR or DFS-R) although both use the replication topology and schedule from AD.

When a file is written to disk on an NTFS volume, the NTFS Change Journal is updated, which is also called the Update Sequence Number (USN) journal and consists of many changes made to files on the NTFS volume.

The file replication service detects the change by monitoring the USN and applies a 3-second delay before creating an entry in its inbound log. This process, well known as aging cache, is used to prevent replication when a file is undergoing rapid updates.

As for the inbound log, it is a table within the NT File Replication Service (NTFRS) database. The log contains info involving the file and the time it was changed, which is then used to build its change message.

To make sure the file and all its attributes, permissions, for example, are kept intact FRS calls the backup application programming interface (API) that adopts Virtual SourceSafe (VSS) technology to take a snapshot of the file and its attributes. Then, this backup file is compressed and saved in the staging area folder. At this point, the outbound log is updated (this is also a table within the FRS database). This includes info about all the changes for a specified replication set.

What’s Data Replication & How to Replicate Files for Security?
What’s Data Replication & How to Replicate Files for Security?

What is data replication? How many data replication types are there? How to perform data replication to protect from data loss in case of computer crashes?

Read More

Distributed File System

A brand-new domain built upon Windows 2008 or higher will take advantage of DFS-R to replace its SYSVOL automatically. Yet, upgrading from Server 2003 to 2008 won’t use DFSR automatically. Luckily, you are able to migrate SYSVOL replication to DFS replication.

File Replication Service vs. Distributed File System

DFSR functions in nearly the same way as FRS. Also, Microsoft puts some auto-heling functions in place to remedy some of the issues that FRS was prone to. The major difference between DFS-R and FRS is that instead of replicating the whole files, DFSR only replaces the chunks of data that have changed, which is achieved by creating a Message Digest version 4 (MD4) hash of the file. That makes DFS-R a much more efficient replication protocol than FRS.

Besides, the use of the inbound and outbound logs isn’t required in DFSR as replication partners exchange version vectors to identify which files have to be replicated between them.

Conclusion

SYSVOL is a key function of Active Directory. An unhealthy SYSVOL will result in an unhealthy AD. To manage the health of SYSVOL, you need to make use of free tools to monitor it proactively instead of only relying on the event logs to detect errors.  

Also read: Overview of Active Directory Certificate Services & Its Functions

SYSVOL FAQ

1. Which SYSVOL replication migration state is done entirely using FRS?

Start (State 0).

2. Which SYSVOL replication migration state is done entirely using DFSR?

Eliminated (State 3).

3. On what domain controller should the DFSR Sysvol migration process be performed from?

The PDC Emulator of the domain.

4. Where is the SYSVOL folder located?

By default, it locates in C:\Windows\ SYSVOL.

5. What is the SYSVOL folder used for on a Windows Server 2016 system?

It is the location of scripts, GPOs, and software distribution files related to Active Directory.

6. In which Sysvol replication migration state is DFSR replication performed in the background?

Prepared (State 1).

The new and powerful Windows 11 will bring you many benefits. At the same time, it will also bring you some unexpected damages such as data loss. Thus, it is strongly recommended that you back up your crucial files before or after upgrading to Win11 with a robust and reliable program like MiniTool ShadowMaker, which will assist you to protect your increasing data automatically on schedules!

MiniTool ShadowMaker TrialClick to Download100%Clean & Safe

Also read:

  • linkedin
  • reddit