Monday, February 22, 2010


If you have a domain controller and the SYSVOL is missing you will be getting the following error in your logs:

Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1006
Date: 22/02/2010
Time: 6:01:40 PM
Computer: ORION2\
Windows cannot bind to domain. (Local Error). Group Policy processing aborted.

To get this fixed copy the SYSVOL folder of a healthy domain controller manually.

To get the domain controller to re-establish the shares properally and publish it under the domain namespace theres a trick to this which I will show you.

Navigate to the following registry key on the domain controller you just copied the SYSVOL to:

HKLM\SYSTEM\CurrentControlSet\Services\Ntfrs\Parameters\Backup/Restore\Process at Startup

Set the value of the BurFlags registry entry to D4.

Restart the Ntfrs service

The DC will now automatically share the SYSVOL and republish it under the domain namespace. Very handy!


  1. I was just having this issue on a Server 2008 R2 DC. You will want to be sure to recreate the "junction links" or "symbolic links" once you copy over the SYSVOL manually. You will use symbolic links on any system running vista or higher.

    Junction Link:

    linkd "%systemroot%\Sysvol\staging Areas\" %systemroot%\sysvol\Staging\Domain

    Symbolic Link:
    mklink /d "%systemroot%\SYSVOL\SYSVOL\" %SYSTEMROOT%\SYSVOL\DOMAIN

    mklink /d "%systemroot%\Sysvol\staging Areas\" %systemroot%\sysvol\Staging\Domain

    Once you have created the the links then continue on and change the registry entry as stated in the article.

  2. Hi Clint,

    We never do a D4 on a DC, without stopping the Ntfrs service on all other DC's and setting it to manual. Moreover, we never change the value of BurFlag under "Process at Startup" to D4, as doing this may cause problems to DFS if its replicating through FRS. We always change the value of Burflug under "Cumulative Replicate Set" to D4. And one most important thing, always take a backup of policies and scripts on all the DC's as doing it incorrectly might cause morphing

  3. If you are simply trying to re-share the sysvol folder AND that domain controller does not hold "good" data, you should use D2 NOT D4. D4 sets it to an authoritive restore which causes morphed folders, D2 will suffice to re-share the directory on the bad domain controller.

  4. Thanks for the article. Worked for me.

  5. I agree with others on this, telling people to D4 without further explanation will certainly lead to some people doing so at the risk of D4'ing one of the stale DC and having that data replicate throughout all the others.

  6. I tried D2 and worked fine..thanks for the quick steps