
This post covers how to move SYSVOL to a new disk. It's a little tricky because of the junction points and it is definitely worth trying in a lab environment first to get comfortable. You should also engage Microsoft support during the process if that is an option for you.

Preparation

Quickly confirm AD replication is ok.

This might seem counterintuitive because SYSVOL uses DFSR, which is separate from general AD replication, but a large amount of the configuration information required by SYSVOL is read from AD by the DFSR service.

repadmin /replsummary /bysrc /bydest > repsum.txt

We should also do a system state backup of the domain controller we are working with as well as the file system of the SYSVOL tree. For example, C:\Windows\SYSVOL on a default install.

Moving

In this example we will move SYSVOL from the default C:\Windows\SYSVOL to a new disk at the location E:\SYSVOL.

1 - Stop the service.

Stop-Service -Name DFSR

2 - Copy the SYSVOL folder from the source to the target.

Copy-Item -Path C:\Windows\SYSVOL -Destination E:\SYSVOL -Recurse

3 - Update the value of SYSVOL under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters in the registry so that it uses the new path.

4 - Do the same for the msDFSR-RootPath and msDFSR-StagingPath using ADSI edit.

The values are in the domain partition on the SYSVOL subscription object for the domain controller you are working on. For example, the test domain in this example is contoso.com, and we are working on the domain controller - DC-SYDNEY-2. The object we will modify the attributes on is:

CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=DC-SYDNEY-2,OU=Domain Controllers,DC=contoso,DC=com

DFSR Paths

5 - We need to remove the old junction points used by the DFSR service. If you’d first like to inspect the junction points that exist, use:

Get-ChildItem -Attributes ReparsePoint | Select-Object FullName, Target

Then, we can delete the two old junction points:

rmdir "e:\sysvol\staging areas\contoso.com"

rmdir e:\sysvol\sysvol\contoso.com

Before you move on, make sure the directories with the name of your domain no longer exist in your new location. For example, e:\sysvol\sysvol\contoso.com should not exist: in the source tree it was just a junction point to the real data, and when you copied it, it became a standard folder with a second copy of that data. If you don't follow this step you'll get an error in the next step, because a directory already exists with the same name as the junction point you are about to create.

6 - To recreate the junction points we navigate to the appropriate directories and run mklink (a cmd.exe built-in; from PowerShell prefix it with cmd /c):

(from "e:\Sysvol\staging areas")
mklink /J contoso.com e:\Sysvol\staging\domain

(from e:\Sysvol\sysvol)
mklink /J contoso.com e:\Sysvol\domain

7 - Restart the services:

Start-Service Netlogon

Start-Service DFSR
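Steps 1 to 7 as one PowerShell script, added here as an example and not the post's own code. It assumes the same names as the walkthrough (contoso.com, DC-SYDNEY-2, C:\Windows\SYSVOL to E:\SYSVOL), the ActiveDirectory module on the DC, and PowerShell 5.1 or later for New-Item -ItemType Junction; the junction targets (staging\domain and domain) and the fact that Netlogon's SysVol value names the "sysvol" subfolder match the default install layout. It swaps the page's cmd-style rmdir and mklink for their PowerShell equivalents and adds a guard so that a path which is still a reparse point is deleted as a link rather than recursed into.

```powershell
# Added example (not from the original post): move SYSVOL to a new disk.
# Assumptions: domain contoso.com, DC DC-SYDNEY-2, source C:\Windows\SYSVOL,
# target E:\SYSVOL, ActiveDirectory module installed, run elevated on the DC.
#Requires -RunAsAdministrator
Import-Module ActiveDirectory

$domain  = 'contoso.com'
$dcName  = 'DC-SYDNEY-2'
$oldRoot = 'C:\Windows\SYSVOL'
$newRoot = 'E:\SYSVOL'
$domainDN       = (Get-ADDomain -Identity $domain).DistinguishedName
$subscriptionDN = "CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=$dcName,OU=Domain Controllers,$domainDN"

# 1 - Stop DFSR so nothing changes under the tree while it is copied.
Stop-Service -Name DFSR

# 2 - Copy the tree. Copy-Item follows the two junctions, so the copy ends up with
#     real folders at "staging areas\<domain>" and "sysvol\<domain>" (removed in step 5).
Copy-Item -Path $oldRoot -Destination $newRoot -Recurse

# 3 - Netlogon's SysVol value names the share root, i.e. the "sysvol" subfolder.
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' `
                 -Name SysVol -Value (Join-Path $newRoot 'sysvol')

# 4 - Point this DC's DFSR subscription object at the new replicated and staging folders.
#     -Server writes the change on this DC, which is the copy its DFSR service reads.
Set-ADObject -Identity $subscriptionDN -Server $dcName -Replace @{
    'msDFSR-RootPath'    = Join-Path $newRoot 'domain'
    'msDFSR-StagingPath' = Join-Path $newRoot 'staging\domain'
}

# 5 - Remove the duplicates that the copy turned into ordinary folders. If a path is
#     unexpectedly still a reparse point, delete only the link: Directory.Delete never
#     follows a junction, whereas Remove-Item -Recurse on one can in older PowerShell.
foreach ($link in @("staging areas\$domain", "sysvol\$domain")) {
    $p = Join-Path $newRoot $link
    if (-not (Test-Path -LiteralPath $p)) { continue }
    $attrs = (Get-Item -LiteralPath $p).Attributes
    if (($attrs -band [IO.FileAttributes]::ReparsePoint) -ne 0) {
        [IO.Directory]::Delete($p)
    } else {
        Remove-Item -LiteralPath $p -Recurse -Force
    }
}

# 6 - Recreate the two junctions with absolute targets on the new disk.
New-Item -ItemType Junction -Path (Join-Path $newRoot "staging areas\$domain") `
         -Target (Join-Path $newRoot 'staging\domain') | Out-Null
New-Item -ItemType Junction -Path (Join-Path $newRoot "sysvol\$domain") `
         -Target (Join-Path $newRoot 'domain') | Out-Null

# 7 - Netlogon reads the SysVol value at start-up, so restart it to re-create the
#     SYSVOL share from the new path; then bring DFSR back.
Restart-Service -Name Netlogon
Start-Service  -Name DFSR

# Show what changed.
Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' -Name SysVol
Get-ADObject -Identity $subscriptionDN -Server $dcName -Properties msDFSR-RootPath, msDFSR-StagingPath |
    Format-List msDFSR-RootPath, msDFSR-StagingPath
Get-ChildItem -LiteralPath $newRoot -Recurse -Attributes ReparsePoint | Select-Object FullName, Target
```

Two points worth knowing before running this for real: Copy-Item does not carry NTFS ACLs across, so the copied GPO folders inherit the permissions of E:\SYSVOL rather than keeping their own (compare Get-Acl on both trees, or copy with robocopy /COPYALL /XJ instead, which also skips the junctions and makes step 5 a no-op); and the old tree is left in place deliberately so there is something to fall back to until the health check passes.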

There are multiple ways you can test that the change has been successful. A quick and simple approach is to create a canary file in the SYSVOL folders and ensure it is replicated to all domain controllers.

A better approach, though, is to use the built-in "DFS Management" tools and run a health check.

Should you encounter any errors, be sure to start with the “DFS Replication” Event log under “Applications and Services Logs”.
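The checks described above (canary file on every DC, a look at the "DFS Replication" log) as an added example, not code from the original post. It assumes the contoso.com / E:\SYSVOL names used throughout, the ActiveDirectory module, and that the account running it can write to the local SYSVOL and read the SYSVOL share of each domain controller. It also confirms that the SYSVOL share itself now points at the new disk, a check the post does not spell out.

```powershell
# Added example (not from the original post): verify SYSVOL after the move.
# Assumptions: domain contoso.com, new root E:\SYSVOL, ActiveDirectory module present.
Import-Module ActiveDirectory

$domain  = 'contoso.com'
$newRoot = 'E:\SYSVOL'

# The share must now be served from the new disk, not the old C:\Windows path.
$sharePath = (Get-SmbShare -Name SYSVOL).Path
"SYSVOL share path: $sharePath"
if ($sharePath -ne (Join-Path $newRoot 'sysvol')) { Write-Warning 'SYSVOL share still points at the old location' }

# Both junctions should exist again and resolve onto the new disk.
Get-ChildItem -LiteralPath $newRoot -Recurse -Attributes ReparsePoint | Select-Object FullName, Target

# Canary: drop a uniquely named file into the replicated tree on this DC ...
$canary    = "canary-$(Get-Date -Format yyyyMMddHHmmss).txt"
$localPath = Join-Path (Join-Path $newRoot "sysvol\$domain") $canary
Set-Content -LiteralPath $localPath -Value "SYSVOL move check $(Get-Date -Format o)"

# ... then wait for it to show up through every DC's SYSVOL share (up to ~2 minutes each).
$results = foreach ($dc in (Get-ADDomainController -Filter *).HostName) {
    $unc  = "\\$dc\SYSVOL\$domain\$canary"
    $seen = $false
    foreach ($attempt in 1..12) {
        if (Test-Path -LiteralPath $unc) { $seen = $true; break }
        Start-Sleep -Seconds 10
    }
    [pscustomobject]@{ DC = $dc; Replicated = $seen }
}
$results | Format-Table -AutoSize
Remove-Item -LiteralPath $localPath -ErrorAction SilentlyContinue   # the deletion replicates too

# Anything DFSR complained about in the last hour is in this log (Applications and Services Logs).
Get-WinEvent -FilterHashtable @{ LogName = 'DFS Replication'; Level = 1, 2, 3; StartTime = (Get-Date).AddHours(-1) } `
             -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, LevelDisplayName, Message | Format-List
```

A DC that reports Replicated = False after the wait is the one to look at first; the DFS Replication log on that DC, rather than the one you moved, usually says why.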

Chad Duffey