Best Practices for Sysvol Maintenance


The System Volume (Sysvol) is a shared directory that stores the server copy of the domain's public files that must be shared for common access and replication throughout a domain. The Sysvol folder on a domain controller contains the following items:
  • Net Logon shares. These typically host logon scripts and policy objects for network client computers.
  • User logon scripts for domains where the administrator uses Active Directory Users and Computers.
  • Windows Group Policy.
  • File replication service (FRS) staging folder and files that must be available and synchronized between domain controllers.
  • File system junctions.
File system junctions are used extensively in the Sysvol structure and are a feature of NTFS file system 3.0. You must be aware of the existence of junction points and how they operate so that you can avoid data loss or corruption that may occur if you modify the Sysvol structure.

More Information

Sysvol uses junction points to manage a single instance store. Junction points are also referred to as reparse points (directory junctions and volume mount points). A junction point is a physical location on a hard disk that points to data that is located elsewhere on your hard disk or on another storage device. Junction points are created when you create a mounted drive. The following diagram is an example of a typical Sysvol structure for a Windows 2000-based domain controller:

| |____Policies
| |____Scripts
| |____Policies
| |____Scripts
| |____Domain
| |____Enterprise
|____Staging Areas
| |____Enterprise junction> = Sysvol\Staging\Enterprise<Br/>
| |____<> junction> = Sysvol\Staging\Domain
| |____Enterprise junction> = Sysvol\Enterprise
| |____<> junction> = Sysvol\Domain
In a single instance store, the physical files only exist one time on the file system. However, in Sysvol, the physical files are located in the following locations:
  • Sysvol\Domain and Sysvol\Staging\Domain

  • Sysvol\Enterprise and Sysvol\Staging\Enterprise
The additional folder structures are reparse points that redirect file input/output to the original locations. The following table lists the folders in Sysvol that contain junction points and the locations to which these junction points resolve:
Sysvol FoldersJunction Point Location
Staging Areas\Enterprise Staging\Enterprise
Staging Areas\DNS_domain_nameStaging\Domain
This configuration maintains data consistency by making sure that a single instance of the data set exists. Additionally, this configuration permits more than one access point for the data set. For example, Sysvol\Domain or Sysvol\Sysvol\, as described in the example that appears earlier in this article, allows for redundancy but does not allow for duplicate files.

Junctions graft the namespace (any bounded area in which a specific name can be resolved) of the destination file system location to an NTFS volume. An underlying reparse point permits NTFS to transparently remap an operation to the destination object. As a result, if you modify the data in the Sysvol structure, changes occur directly on these physical files. Additionally, if you perform a cut-and-paste operation or a copy-and-paste operation with these folders in the Sysvol structure that contains junction points, the cut-and-paste operation or the copy-and-paste operation occur in the junction point information.

Microsoft recommends that you avoid performing a cut-and-paste operation or a copy-and-paste operation on the Sysvol structure, especially when you perform the paste operation on the same server. If you perform a cut-and-paste operation or a copy-and-paste operation on the Sysvol structure, a copy of the junction point information is created. This does not result in a copy of the actual data. Instead, a copy of the junction point information only is created. If you modify any of the files that appear in that folder, you modify the source files directly.

Microsoft recommends that you do not modify the Sysvol structure. This recommendation also applies to backup and restore operations of the Sysvol structure. By default, if you back up Sysvol by using NTBackup.exe, the backup file includes a backup of the folder's junction point information. If you restore a Sysvol structure from a backup file to a different location on the same server, do not restore the junction point information. To do so, use the advanced restore options.

Microsoft recommends that you do not modify any files directly to Sysvol without understanding the behavior of junction points and how these points affect Active Directory in your enterprise.

Note Under Windows Server 2003, if you copy %systemroot%\SYSVOL, you do not copy the junction points. However, under Windows 2000, if you copy %systemroot%\SYSVOL, you do copy the junction points.