I'm trying to apply and test best practices for fully recovering Active Directory forests, as described in Best Practices for Schema Update Implementation or How I Learned to Stop Worrying and Restoring Themselves love "and explained in detail in the" AD Forest Recovery Guide ". ,
However, this note is very unclear to me: "Caution: Perform an authoritative (or primary) SYSVOL restore on only the first domain controller that is restored to the forest root domain. Incorrectly performing SYSVOL primary restore operations on other domain controllers causes replication conflicts of SYSVOL data. "(Https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/manage/ad-forest) (restore, perform, initial restore)
What are the reasons why SYSVOL should not be authorized to be restored once per domain, but only once per forest (in the root domain)? SYSVOL is not just replicated at the domain level? So, would not it be correct to perform an authoritative restore of just one SYSVOL for each domain of the forest (that of the restored domain controller for each domain in the forest) instead of just the root domain? Not only should the conflict occur if I have the SYSVOL folder as authoritative in more than one domain controller in the same domain.
It's just a Microsoft typo (less likely, but possible) or am I missing something (certainly more likely)?