News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Server 2016: Is the sysvol sync bug in July showing up in August?

    Home Forums AskWoody blog Server 2016: Is the sysvol sync bug in July showing up in August?

    This topic contains 9 replies, has 3 voices, and was last updated by  anonymous 10 months ago.

    • Author
    • #211095 Reply

      Da Boss

      From @njmalm1: Has anyone else experienced their GPOs not syncing permissions after applying KB4338814 to Server 2016? We were getting the ACL error “
      [See the full post at: Server 2016: Is the sysvol sync bug in July showing up in August?]

      1 user thanked author for this post.
    • #211215 Reply

      • #211266 Reply

        AskWoody Lounger

        Quick update…when removing kb4343887 from our test DC it crashed the server. We are now getting a blue screen. We did test removing the update from a generic Windows 2016 machine and that worked fine so I’m guessing the issues revolves around the system being a DC.

        1 user thanked author for this post.
    • #211895 Reply


      Had there been any news regarding this issue.

      I have seen nothing from Microsoft itself regarding this issue

    • #213817 Reply


      After installing KB4343887 on server with AzureAD connect we could observe high CPU usage. Only removing of KB4343887 will help.

    • #215770 Reply

      AskWoody Lounger

      Has anyone else been able to reproduce these sysvol sync issues?  I tried to report the bug to Microsoft but they are telling me we don’t have the proper software assurance agreement to submit the case.  If anything I guess we’ll see if it is fixed in the September release next Tuesday.

    • #217302 Reply


      We’re also having this issue. I just started to spin up new Server 2016 DC VMs to replace old  Server 2012 R2 DCs and was very confused when GPMC reported SysVol syncing issues. Since you already narrowed it down to an update, that helps tremendously. Do you also have Server 2012 R2 DCs in your environment?

      Unfortunately, installing the newest September cumulative update did not fix it. I’m creating a new test environment to install two DCs from the February 2018 Server 2016 v1607  ISO to see if it’s happening from a clean install. I’m hoping that maybe everyone is having this issue but they don’t know it because using “Detect Now” in GPMC to discover this issue is a rare action.

      • #217316 Reply

        AskWoody Lounger

        Update from our side…I installed the September update KB4457131 yesterday on our test 2016 DC which in turn required the KB4103723 2018-05 update to be installed first. I then installed all the September patches for our Server 2012 test DC(KB4457140, KB4457919, KB4457135, KB4457915, and KB4457426). Once all of those updates completed the problem was resolved. I can now delete and create GPOs and run replication without any issues.

        –Domain controller OS version breakdown–

        Windows Server 2016 version 1607 (OS Build 14393.2485) Standard

        Windows Server 2012 version 6.2 (Build 9200) Datacenter

        Our functional level for both forest and domain is Windows 2012

        • #217645 Reply


          Thank you so much for this newest information njmalm1! This solved our issue as well. Our old Server 2012 R2 DCs hadn’t been updated for a while, and the problem fixed itself after updating them to the September 2018 patches. I also needed to modify some of the stuck GPOs so they would replicate again, but everything is good after that. (I caused them to re-replicate by adding a user to the permissions and then removing it again)

          Our forest and domain are set to Server 2012 R2, with two old Server 2012 R2 DCs and two new Server 2016 1607 DCs.

        • #218601 Reply


          Great!  Thank you so much.  I’ve been searching for a solution for this issue. We have 3 DCs running 2016.  The last time I saw an issue like this with sysvol access was when we were working to upgrade our SMB version on the network.  Wish MS would do a little beta testing before they send updates.  When their patch breaks their own products; oh boy.  They must out source their patch writing.

          Microsoft, Where the customer will patch, troubleshoot and fix our software, whether they want to or not.”

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Server 2016: Is the sysvol sync bug in July showing up in August?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.