Consider the following scenario:

You want to force the non-authoritative synchronization of SYSVOL on a domain controller. In the File Replication Service (FRS), this was controlled through the D2 and D4 data values for the Burflags registry values, but these values do not exist for the Distributed File System Replication (DFSR) service. You cannot use the DFS Management snap-in (Dfsmgmt.msc) or the Dfsradmin.exe command-line tool to achieve this. Unlike custom DFSR replicated folders, SYSVOL is intentionally protected from any editing through its management interfaces to prevent accidents.

How to perform a non-authoritative synchronization of DFSR-replicated SYSVOL (like "D2" for FRS)

1. In the ADSIEDIT.MSC tool modify the following distinguished name (DN) value and attribute on each of the domain controllers that you want to make non-authoritative:
   
   CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=<the server name>,OU=Domain Controllers,DC=<domain>
   
   msDFSR-Enabled=FALSE
   
   
2. Force Active Directory replication throughout the domain.
   
   
3. Run the following command from an elevated command prompt on the same servers that you set as non-authoritative:
   
   DFSRDIAG POLLAD
   
   
4. You will see Event ID 4114 in the DFSR event log indicating SYSVOL is no longer being replicated.
   
   

5. On the same DN from Step 1, set:
   
   msDFSR-Enabled=TRUE
   
   

6. Force Active Directory replication throughout the domain.
   
   

7. Run the following command from an elevated command prompt on the same servers that you set as non-authoritative:
   
   DFSRDIAG POLLAD
   
   

8. You will see Event ID 4614 and 4604 in the DFSR event log indicating SYSVOL has been initialized. That domain controller has now done a “D2” of SYSVOL.
   

How to perform an authoritative synchronization of DFSR-replicated SYSVOL (like "D4" for FRS)

1. In the ADSIEDIT.MSC tool, modify the following DN and two attributes on the domain controller you want to make authoritative (preferrably the PDC Emulator, which is usually the most up to date for SYSVOL contents):
   
   CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=<the server name>,OU=Domain Controllers,DC=<domain>
   
   msDFSR-Enabled=FALSE
   msDFSR-options=1
   
   
2. Modify the following DN and single attribute on all other domain controllers in that domain:
   
   CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=<each other server name>,OU=Domain Controllers,DC=<domain>
   
   msDFSR-Enabled=FALSE
   
   
3. Force Active Directory replication throughout the domain and validate its success on all DCs.
   
   
4. Start the DFSR service set as authoritative:
   
   
5. You will see Event ID 4114 in the DFSR event log indicating SYSVOL is no longer being replicated.
   
   
6. On the same DN from Step 1, set:
   
   msDFSR-Enabled=TRUE
   
7. Force Active Directory replication throughout the domain and validate its success on all DCs.
   
   
8. Run the following command from an elevated command prompt on the same server that you set as authoritative:
   
   DFSRDIAG POLLAD
   
   
9. You will see Event ID 4602 in the DFSR event log indicating SYSVOL has been initialized. That domain controller has now done a “D4” of SYSVOL.
   
   
10. Start the DFSR service on the other non-authoritative DCs. You will see Event ID 4114 in the DFSR event log indicating SYSVOL is no longer being replicated on each of them.
    
    
11. Modify the following DN and single attribute on all other domain controllers in that domain:
    
    CN=SYSVOL Subscription,CN=Domain System Volume,CN=DFSR-LocalSettings,CN=<each other server name>,OU=Domain Controllers,DC=<domain>
    
    msDFSR-Enabled=TRUE
    
    
12. Run the following command from an elevated command prompt on all non-authoritative DCs (i.e. all but the formerly authoritative one):
    
    DFSRDIAG POLLAD