Solved

w32time faillure- auto-disbling IIS?

Posted on 2004-08-06
4
478 Views
Last Modified: 2010-04-19
I've got a win2k3 std server running IIS, am FTP site. It is a member of the domain.  I keep getting w32time errors in my system log (see below).  I don't really care, EXCEPT, every few hours IIS and FTP get disabled.  There is no evidence of this happening in any event log.  I load the server, it fails.  I TS in, and I go to computer manager and see the little "x" on the "Web Sites" folder and the "FTP sites" folder.  

All I have to do is start the service again to get IIS and FTP back up.  No errors or difficulties in getting them back up.  But the server disables them every few hours.

It's obvious that they w32 time errors are a problem, but why could this happen?

Also, i've got a firewall, but set up a trusted entry for my DC for all ports.  Still no time sync.  

What am I looking for? Why IIS and FTP auto-disables on w32time failure.  Would be great to have a solution to my w32time issues, but that isn't the main question here.

The precise error is:
"The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time. "
0
Comment
Question by:happydog234
  • 2
  • 2
4 Comments
 
LVL 17

Expert Comment

by:John Gates
ID: 11744463
THe reson your iis is shutting down is kerberos cannot authenticate users if more than 5 minutes of clock drift exists. Read the following:

http://support.microsoft.com/default.aspx?scid=216734

The article references Windows 2000 but this applies to Windows 2003 as well!
And set your server to go to ntp.nasa.gov then all should be well!

D
0
 

Author Comment

by:happydog234
ID: 11747751
This doesn't really apply.  As a member server, it shoudl be pulling time from the DC.  It is not.  It isn't a good idea (from what I've read) to point member severs to time servers that aren't a DC in the network...
0
 
LVL 17

Accepted Solution

by:
John Gates earned 500 total points
ID: 11749795
Ok, is your DC properly syncing with an outside time source?  Also I have never heard of time shutting down IIS.  I think you may have a bug bug on that box.  Did you check for code red etc on this machine?  Did you run the IIS lockdown tool on it?

D
0
 

Author Comment

by:happydog234
ID: 11756113
My fault, needed to open icmp packets on my firewall from my DC

Thanks Dimante- good article
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

I guess it is not common knowledge to most Wintel engineers/administrators: If you have an SNMP-based monitoring system in your environment (and it's common to have SNMP or Syslog) it's reasonably easy to enable monitoring of the Windows Event logs,…
Learn about cloud computing and its benefits for small business owners.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now