Dangerous SYSVOL Replication Configuration
medium
Language:
説明
"File Replication Service" (FRS) is deprecated since Windows Server 2008 R2.Tenable highly recommends migrating the SYSVOL share replication from FRS to "Distributed File System Replication" (DFS-R) for better robustness, scalability, and replication performance.
ソリューション
Microsoft recommends using the recent and supported DFS-R protocol for SYSVOL replication.You must migrate SYSVOL shares still using "File Replication Service" (FRS) to "Distributed File System Replication" (DFS-R) manually following the procedure from Microsoft.
参考資料
Active Directory Security Assessment Checklist - SYSVOL replication through NTFRS
Windows Server version 1709 no longer supports FRS
The Case for Migrating SYSVOL to DFSR
Importing a GPO using GPMC fails with "The Directory is not empty"
インジケーターの詳細
名前: Dangerous SYSVOL Replication Configuration
コード名: C-DFS-MISCONFIG
深刻度: Medium