ADDomain create Tree in existing forest fails - Test-TargetResource: SysVol does not exist #750

@robertbeudeker

Problem description

I'm using the config below to create a tree domain in an existing forest.
Domain creation succeeds, but after reboot the check is done against an invalid SysVol location.

forest root domain name: ads.adlab.local
treedomain name: intranet.adlab.local

PowerShell DSC resource MSFT_ADDomain failed to execute Test-TargetResource
functionality with error message: System.InvalidOperationException: The expected SysVol Path
'C:\Windows\SYSVOL\sysvol\intranet.adlab.local.ads.adlab.local' does not exist. (ADD0011)

Verbose logs

VERBOSE: [2026-01-16 16:38:59Z] [VERBOSE] [SR04]: LCM:  [ End    Test     ]  [[ADDomain]ChildDomain]  in 0.5270 
seconds.
VERBOSE: [2026-01-16 16:38:59Z] [ERROR] PowerShell DSC resource MSFT_ADDomain  failed to execute Test-TargetResource 
functionality with error message: System.InvalidOperationException: The expected SysVol Path 
'C:\Windows\SYSVOL\sysvol\intranet.adlab.local.ads.adlab.local' does not exist. (ADD0011) 
VERBOSE: [2026-01-16 16:38:59Z] [VERBOSE] [SR04]:                            [] Consistency check completed.

DSC configuration

Configuration AddChildDomain {
param (
    [Parameter(Mandatory = $true)]
    [String]$dnsSuffix,

    [Parameter(Mandatory = $true)]
    [String]$netbiosName,

    [Parameter(Mandatory = $true)]
    [String]$netbiosNameParent,

    [Parameter(Mandatory = $true)]
    [ValidateNotNullorEmpty()]
    [System.Management.Automation.PSCredential]
    $Credential
)
    Import-DscResource -ModuleName PSDesiredStateConfiguration
    Import-DscResource -ModuleName ComputerManagementDsc -ModuleVersion "10.0.0"
    Import-DscResource -ModuleName ActiveDirectoryDsc -ModuleVersion "6.7.1"
    [System.Management.Automation.PSCredential]$ParentDomainCreds = New-Object System.Management.Automation.PSCredential ("$($Credential.UserName)@$netbiosNameParent.$dnsSuffix", $Credential.Password)

    Node localhost
    {
        LocalConfigurationManager
        {
            ActionAfterReboot = 'ContinueConfiguration'
            ConfigurationMode = 'ApplyOnly'
            RebootNodeIfNeeded = $true
        }

        WindowsFeature RSAT
        {
            Ensure = "Present"
            Name = "RSAT"
        }

        WindowsFeature ADDSInstall
        {
            Ensure = "Present"
            Name = "AD-Domain-Services"
        }

        ADDomain ChildDomain
        {
            DomainName                    = "$netbiosName.$dnsSuffix"
            DomainNetbiosName             = $netbiosName
            ParentDomainName              = "$netbiosNameParent.$dnsSuffix"
            Credential                    = $ParentDomainCreds
            SafeModeAdministratorPassword = $Credential
            DomainType                    = 'TreeDomain'
            DependsOn = "[WindowsFeature]ADDSInstall"
        }

        PendingReboot Reboot1 
        { 
            Name = "RebootServer" 
            DependsOn = "[ADDomain]ChildDomain"
        }
    }
}

Suggested solution

Test-TargetResource is somehow looking in the wrong place. It seems to concatenate the forest root FQDN to the domain FQDN.
The correct location is C:\WINDOWS\SYSVOL\sysvol\#domain fqdn*

Operating system the target node is running

Windows Server 2025

PowerShell version and build the target node is running

5

ActiveDirectoryDsc version

6.7.1
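
The path mismatch reported above, as an added example (not part of the original post and not ActiveDirectoryDsc source code): applying the child-domain naming rule to the issue's values reproduces the path from the ADD0011 error, while the tree-domain rule gives the location the reporter expects. `Get-ExpectedSysVolPath` is a hypothetical helper, and the SysVol root and the child-domain rule (`<DomainName>.<ParentDomainName>`) are assumptions.

```powershell
# Added illustration; Get-ExpectedSysVolPath is a hypothetical helper, not a module function.
function Get-ExpectedSysVolPath {
    param (
        [Parameter(Mandatory = $true)]
        [string] $DomainName,

        [string] $ParentDomainName,

        [ValidateSet('ChildDomain', 'TreeDomain')]
        [string] $DomainType = 'ChildDomain',

        # Assumed SysVol root, taken from the path shown in the error message.
        [string] $SysVolRoot = 'C:\Windows\SYSVOL\sysvol'
    )

    if ($DomainType -eq 'ChildDomain' -and $ParentDomainName) {
        # Assumed rule: a child domain's FQDN is <DomainName>.<ParentDomainName>.
        $domainFqdn = "$DomainName.$ParentDomainName"
    }
    else {
        # A tree domain starts a new DNS namespace, so DomainName is already the FQDN.
        $domainFqdn = $DomainName
    }

    '{0}\{1}' -f $SysVolRoot.TrimEnd('\'), $domainFqdn
}

# Values from the issue: tree domain name and forest root domain name.
$issueValues = @{
    DomainName       = 'intranet.adlab.local'
    ParentDomainName = 'ads.adlab.local'
}

# Compare both naming rules and check which folder is present on this node.
foreach ($type in 'ChildDomain', 'TreeDomain') {
    $path = Get-ExpectedSysVolPath @issueValues -DomainType $type
    [pscustomobject]@{
        DomainType = $type
        Path       = $path
        Exists     = Test-Path -LiteralPath $path
    }
}
```

Run on the new domain controller after the reboot, the two rows show which of the two folders is actually present under SysVol.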
