Category Archives: Microsoft

Manually Force SysVol Replication to RODC

When editing the logon scripts/GPOs this should be performed on a writable DC (preferably replication partner for the RODC). I have seen issues where the Sysvol share has taken a long time to replicate the changes to the RODC delaying testing etc.

In order to manually replicate the Sysvol folder you need to run the following command:

ntfrsutl.exe forcerepl fqdn.of.RODC /r “Domain System Volume (SYSVOL share)” /p fqdn.of.writableDC

When you attempt to run this command you may receive an error like the one below:

Failure to force replication. The file replication service cannot satisfy the re

quest because the user has insufficient privileges. The event log may have more


You will also see an alert in the FRS event log which luckily provides the solution:

The File Replication Service did not grant the user “sccengineer” access to the API “Force Replication”.


Permissions for “Force Replication” can be changed by running regedit.


Click on Start, Run, and type regedit.


Expand HKEY_LOCAL_MACHINE, SYSTEM, CurrentControlSet, Services, NtFrs, Parameters, Access Checks, and highlight “Force Replication”. Click on the toolbar option Security and then Permissions…


Access checks can be disabled for “Force Replication”. Double click on “Access checks are [Enabled or Disabled]” and change the string to Disabled.

If you follow the steps in the alert and restart the File Replication Service and run the above script again it should replicate the sysvol share and you will see the updated logon scripts files

Remember to put back the registry key.

Facebooktwittergoogle_pluslinkedinby feather

Prevent Format-Table truncation

Sometimes when you run a powershell cript and use Format-Table the results can be truncated in some long columns and appear like this “…}”

This is a piddly little issue that the first time I encountered it had me stumped. I used google and found lots of so called “solutions” such using -Auto -Wrap or by specifying a -width, however what I was running this using the Exchange and Citrix snap ins I found this lovely little ┬átreat that will set the result columns to an unlimited width:

$FormatEnumerationLimit =-1

How easy is that…

Facebooktwittergoogle_pluslinkedinby feather

Add a list of users to a Distribution Group with log file

This script will add a list of users in a text file to Distribution group and output the results to a log file.

Import-Module ActiveDirectory ## Use AD Snapin
Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin ## Use Exchange 2007 Snapin
$AdminSessionADSettings.ViewEntireForest = $true ##Search Entire Forest

Get-Content ‘C:\Userlist.txt’ | %{
$User = $_
Try {
Add-DistributionGroupMember ‘GroupName’ -Member $User -EA STOP
Echo $User $_.exception.Message
} | Out-File C:\scriptlog.txt

Facebooktwittergoogle_pluslinkedinby feather