Archived from groups: microsoft.public.win2000.dns (
More info?)
Ken:
We need to get the time service problem fixed. The lack of a reliable time source for the domain
will cause all sorts of obscure problems with functions that depend on an accurate time source.
Either the time service isn't working or the PDC role server itself is missing or misconfigured in AD.
First, check that the server's date, time and time zone are all correct. Be sure to check the time zone
as this is easy to overlook and will cause trouble if wrong.
Next, check that the "Windows Time Service" is set to "Automatic" in services, and running. If not, see
if you can start it. If it will not stay running there should be an event in the system event log giving a reason.
Finally, we need to sync the DC to an outside time source. The command "net time /setsntp:<server>"
will set the external time source to an outside server (e.g. net time /setsntp:ntp.ucsd.edu ). You can use
the w32tm command to check the time service, but there are some differences between 2000 and 2003,
the details are here, depending (watch the URL wrap):
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnw2kmag01/html/TimeWin2K.asp
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/ws03mngd/26_s3wts.mspx
If you've fixed the time service problem then a dcdiag should now pass the advertising test and FSMO role
check. (I'm not concerned about the netcard test since the network - I am assuming - is working, but you may
want to look into this as a driver update issue.)
If the time service isn't the problem, then it the PDC emulator "FSMO" role itself is likely the problem.
Open AD Users and Computers, and right-click on the domain name at the top of the tree. Select
"operations masters" and click the "PDC" tab. This will show you FQDN of the server that active
directory has assigned as the PDC emulator. If this is not a functioning DC it will have to be fixed, so post
back in that case.
At the moment I don't see any DNS-related configuration problems. It is possible there is something
else underneath your time service problem, but that has to be corrected first.
Steve Duff, MCSE, MVP
Ergodic Systems, Inc.
"Ken D" <KenD@discussions.microsoft.com> wrote in message news:C8697F02-C13B-4C0D-9913-2F9C12D5FCB4@microsoft.com...
> Here Is dcdiag /fix
>
> Domain Controller Diagnosis
>
> Performing initial setup:
> Done gathering initial info.
>
> Doing initial required tests
>
> Testing server: Default-First-Site-Name\SERVER1
>
> Starting test: Connectivity
> ......................... SERVER1 passed test Connectivity
>
> Doing primary tests
>
> Testing server: Default-First-Site-Name\SERVER1
> Starting test: Replications
> ......................... SERVER1 passed test Replications
> Starting test: NCSecDesc
> ......................... SERVER1 passed test NCSecDesc
> Starting test: NetLogons
> ......................... SERVER1 passed test NetLogons
> Starting test: Advertising
> Warning: SERVER1 is not advertising as a time server.
> ......................... SERVER1 failed test Advertising
> Starting test: KnowsOfRoleHolders
> ......................... SERVER1 passed test KnowsOfRoleHolders
> Starting test: RidManager
> ......................... SERVER1 passed test RidManager
> Starting test: MachineAccount
> ......................... SERVER1 passed test MachineAccount
> Starting test: Services
> IsmServ Service is stopped on [SERVER1]
> ......................... SERVER1 failed test Services
> Starting test: ObjectsReplicated
> ......................... SERVER1 passed test ObjectsReplicated
> Starting test: frssysvol
> ......................... SERVER1 passed test frssysvol
> Starting test: frsevent
> ......................... SERVER1 passed test frsevent
> Starting test: kccevent
> ......................... SERVER1 passed test kccevent
> Starting test: systemlog
> ......................... SERVER1 passed test systemlog
> Starting test: VerifyReferences
> ......................... SERVER1 passed test VerifyReferences
>
> Running partition tests on : ForestDnsZones
> Starting test: CrossRefValidation
> ......................... ForestDnsZones passed test CrossRefValidati
>
> Starting test: CheckSDRefDom
> ......................... ForestDnsZones passed test CheckSDRefDom
>
> Running partition tests on : DomainDnsZones
> Starting test: CrossRefValidation
> ......................... DomainDnsZones passed test CrossRefValidati
>
> Starting test: CheckSDRefDom
> ......................... DomainDnsZones passed test CheckSDRefDom
>
> Running partition tests on : Schema
> Starting test: CrossRefValidation
> ......................... Schema passed test CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... Schema passed test CheckSDRefDom
>
> Running partition tests on : Configuration
> Starting test: CrossRefValidation
> ......................... Configuration passed test CrossRefValidatio
> Starting test: CheckSDRefDom
> ......................... Configuration passed test CheckSDRefDom
>
> Running partition tests on : HOC
> Starting test: CrossRefValidation
> ......................... HOC passed test CrossRefValidation
> Starting test: CheckSDRefDom
> ......................... HOC passed test CheckSDRefDom
>
> Running enterprise tests on : HOC.Hutchinsonoil.com
> Starting test: Intersite
> ......................... HOC.Hutchinsonoil.com passed test Intersite
> Starting test: FsmoCheck
> Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
> A Time Server could not be located.
> The server holding the PDC role is down.
> Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1
> 5
> A Good Time Server could not be located.
> ......................... HOC.Hutchinsonoil.com failed test FsmoCheck
>
> here is a netdiag /fix
>
>
> ......................................
>
> Computer Name: SERVER1
> DNS Host Name: server1.HOC.Hutchinsonoil.com
> System info : Microsoft Windows Server 2003 (Build 3790)
> Processor : x86 Family 15 Model 2 Stepping 5, GenuineIntel
> List of installed hotfixes :
> KB819696
> KB822132
> KB822742
> KB822743
> KB822744
> KB822745
> KB822925
> KB823182
> KB823353
> KB823559
> KB823980
> KB824073
> KB824105
> KB824139
> KB824141
> KB824146
> KB824151
> KB825117
> KB825119
> KB826238
> KB826936
> KB828035
> KB828741
> KB833987
> KB834707
> KB835732
> KB837001
> KB837272
> KB839645
> KB840315
> KB840374
> KB840987
> KB841356
> KB841533
> KB842773
> KB867460
> KB870763
> KB871250
> KB873333
> KB873376
> KB883935
> KB883939
> KB885250
> KB885834
> KB885835
> KB885836
> KB885881
> KB886903
> KB887797
> KB888113
> KB890046
> KB890175
> KB890859
> KB890923
> KB891711
> KB891781
> KB893066
> KB893086
> KB893803v2
> KB896358
> KB896422
> KB896426
> KB896428
> KB897715
> KB901214
> KB903235
> Q147222
> Q828026
>
>
> Netcard queries test . . . . . . . : Failed
> GetStats failed for 'Intel(R) PRO/1000 MT Network Connection'. [ERROR
> D_FUNCTION]
> [FATAL] - None of the netcard drivers provided satisfactory results.
>
>
>
> Per interface results:
>
> Adapter : Server Local Area Connection
>
> Netcard queries test . . . : Failed
> NetCard Status: UNKNOWN
>
> Host Name. . . . . . . . . : server1
> IP Address . . . . . . . . : 128.127.2.2
> Subnet Mask. . . . . . . . : 255.255.255.0
> Default Gateway. . . . . . : 128.127.2.3
> Primary WINS Server. . . . : 192.168.16.5
> Dns Servers. . . . . . . . : 128.127.2.2
>
> IpConfig results . . . . . : Failed
> Pinging the Primary WINS server 192.168.16.5 - not reachable
>
> AutoConfiguration results. . . . . . : Passed
>
> Default gateway test . . . : Passed
>
> NetBT name test. . . . . . : Passed
>
> WINS service test. . . . . : Failed
> The test failed. We were unable to query the WINS servers.
>
>
> Global results:
>
>
> Domain membership test . . . . . . : Passed
>
>
> NetBT transports test. . . . . . . : Passed
> List of NetBt transports currently configured:
> NetBT_Tcpip_{35B3C83C-B68D-4155-96C4-A15832A28911}
> 1 NetBt transport currently configured.
>
>
> Autonet address test . . . . . . . : Passed
>
>
> IP loopback ping test. . . . . . . : Passed
>
>
> Default gateway test . . . . . . . : Passed
>
>
> NetBT name test. . . . . . . . . . : Passed
>
>
> Winsock test . . . . . . . . . . . : Passed
>
>
> DNS test . . . . . . . . . . . . . : Passed
> PASS - All the DNS entries for DC are registered on DNS server '128.1
> .
>
>
> Redir and Browser test . . . . . . : Passed
> List of NetBt transports currently bound to the Redir
> NetBT_Tcpip_{35B3C83C-B68D-4155-96C4-A15832A28911}
> The redir is bound to 1 NetBt transport.
>
> List of NetBt transports currently bound to the browser
> NetBT_Tcpip_{35B3C83C-B68D-4155-96C4-A15832A28911}
> The browser is bound to 1 NetBt transport.
>
>
> DC discovery test. . . . . . . . . : Passed
>
>
> DC list test . . . . . . . . . . . : Passed
>
>
> Trust relationship test. . . . . . : Skipped
>
>
> Kerberos test. . . . . . . . . . . : Passed
>
>
> LDAP test. . . . . . . . . . . . . : Passed
>
>
> Bindings test. . . . . . . . . . . : Passed
>
>
> WAN configuration test . . . . . . : Skipped
> No active remote access connections.
>
>
> Modem diagnostics test . . . . . . : Passed
>
> IP Security test . . . . . . . . . : Skipped
>
> Note: run "netsh ipsec dynamic show /?" for more detailed information
>
>
> and here is a netdiag /test:dns /v
>
>
> Gathering IPX configuration information.
> Querying status of the Netcard drivers... Failed
> Testing Domain membership... Passed
> Gathering NetBT configuration information.
> Testing DNS
> PASS - All the DNS entries for DC are registered on DNS server
> '128.127.2.2'
> .
>
> Tests complete.
>
>
> Computer Name: SERVER1
> DNS Host Name: server1.HOC.Hutchinsonoil.com
> DNS Domain Name: HOC.Hutchinsonoil.com
> System info : Microsoft Windows Server 2003 (Build 3790)
> Processor : x86 Family 15 Model 2 Stepping 5, GenuineIntel
> Hotfixes :
> Installed? Name
> Yes KB819696
> Yes KB822132
> Yes KB822742
> Yes KB822743
> Yes KB822744
> Yes KB822745
> Yes KB822925
> Yes KB823182
> Yes KB823353
> Yes KB823559
> Yes KB823980
> Yes KB824073
> Yes KB824105
> Yes KB824139
> Yes KB824141
> Yes KB824146
> Yes KB824151
> Yes KB825117
> Yes KB825119
> Yes KB826238
> Yes KB826936
> Yes KB828035
> Yes KB828741
> Yes KB833987
> Yes KB834707
> Yes KB835732
> Yes KB837001
> Yes KB837272
> Yes KB839645
> Yes KB840315
> Yes KB840374
> Yes KB840987
> Yes KB841356
> Yes KB841533
> Yes KB842773
> Yes KB867460
> Yes KB870763
> Yes KB871250
> Yes KB873333
> Yes KB873376
> Yes KB883935
> Yes KB883939
> Yes KB885250
> Yes KB885834
> Yes KB885835
> Yes KB885836
> Yes KB885881
> Yes KB886903
> Yes KB887797
> Yes KB888113
> Yes KB890046
> Yes KB890175
> Yes KB890859
> Yes KB890923
> Yes KB891711
> Yes KB891781
> Yes KB893066
> Yes KB893086
> Yes KB893803v2
> Yes KB896358
> Yes KB896422
> Yes KB896426
> Yes KB896428
> Yes KB897715
> Yes KB901214
> Yes KB903235
> Yes Q147222
> Yes Q828026
>
>
> Netcard queries test . . . . . . . : Failed
>
> Information of Netcard drivers:
>
>
> ---------------------------------------------------------------------------
> Description: Intel(R) PRO/1000 MT Network Connection
> Device: \DEVICE\{35B3C83C-B68D-4155-96C4-A15832A28911}
> GetStats failed for 'Intel(R) PRO/1000 MT Network Connection'.
> [ERROR_INVALI
> D_FUNCTION]
>
> ---------------------------------------------------------------------------
> [FATAL] - None of the netcard drivers provided satisfactory results.
>
>
>
> Per interface results:
>
> Adapter : Server Local Area Connection
> Adapter ID . . . . . . . . : {35B3C83C-B68D-4155-96C4-A15832A28911}
>
> Netcard queries test . . . : Failed
> NetCard Status: UNKNOWN
>
>
> Global results:
>
>
> Domain membership test . . . . . . : Passed
> Machine is a . . . . . . . . . : Primary Domain Controller Emulator
> Netbios Domain name. . . . . . : HOC
> Dns domain name. . . . . . . . : HOC.Hutchinsonoil.com
> Dns forest name. . . . . . . . : HOC.Hutchinsonoil.com
> Domain Guid. . . . . . . . . . : {AC6663A5-C1B5-4D4B-BD49-7AEEB070A1B2}
> Domain Sid . . . . . . . . . . : S-1-5-21-2040972775-2088865363-4077242360
> Logon User . . . . . . . . . . : .admin
> Logon Domain . . . . . . . . . : HOC
>
>
> NetBT transports test. . . . . . . : Passed
> List of NetBt transports currently configured:
> NetBT_Tcpip_{35B3C83C-B68D-4155-96C4-A15832A28911}
> 1 NetBt transport currently configured.
>
>
> DNS test . . . . . . . . . . . . . : Passed
> Interface {35B3C83C-B68D-4155-96C4-A15832A28911}
> DNS Domain:
> DNS Servers: 128.127.2.2
> IP Address: Expected registration with PDN (primary DNS
> domain n
> ame):
> Hostname: server1.HOC.Hutchinsonoil.com.
> Authoritative zone: HOC.Hutchinsonoil.com.
> Primary DNS server: server1.HOC.Hutchinsonoil.com 128.127.2.2
> Authoritative NS:128.127.2.2
> Check the DNS registration for DCs entries on DNS server '128.127.2.2'
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> The Record is correct on DNS server '128.127.2.2'.
>
> PASS - All the DNS entries for DC are registered on DNS server
> '128.127.2.2'
> .
>
>
> The command completed successfully
>
> Thank You For Your Help