Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2002
  • Last Modified:

Computer Restart on it own...continutation of Dns error 4016 and Computer restarts

This is a continuation of question started on this search text
"Dns error 4016 and Computer restarts"

I have been continuing to get W32 errors in a single domain heirarchy. I read that I do not need any NTPClient configured if I my server can syncronize the clock using its Internal Time Source and from the router so I had not configured external NTP Source.

Yesterday eveninag 6:12 I received w32time event id 12...
"Event Type:      Warning
Event Source:      W32Time
Event Category:      None
Event ID:      12
Date:            4/3/2006
Time:            6:27:50 PM
User:            N/A
Computer:      MUMBAI
Description:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source.  It is recommended that you either configure a reliable time service in the root domain, or manually configure the PDC to synchronize with an external time source.  Otherwise, this machine will  function as the authoritative time source in the domain hierarchy.  If an external  time source is not configured or used for this computer, you may choose to disable  the NtpClient.

then got this warning

"Event Type:      Warning
Event Source:      W32Time
Event Category:      None
Event ID:      36
Date:            4/4/2006
Time:            6:12:50 PM
User:            N/A
Computer:      MUMBAI
Description:
The time service has not synchronized the system time for 86400 seconds  because none of the time service providers provided a usable time  stamp. The time service is no longer synchronized and cannot provide  the time to other clients or update the system clock. Monitor the  system events displayed in the Event  Viewer to make sure that a more  serious problem does not exist.



then I kept on getting some of these with different internal IP address

I kept on getting some of these
Event Type:      Warning
Event Source:      W32Time
Event Category:      None
Event ID:      22
Date:            4/6/2006
Time:            7:41:47 PM
User:            N/A
Computer:      MUMBAI
Description:
The time provider NtpServer encountered an error while digitally signing the  NTP response for peer 10.1.1.103:123.  NtpServer cannot provide secure (signed) time to the client and will ignore the request. The error was: The RPC server is too busy to complete this operation. (0x800706BB)



then at 7:40 I got a different message

Event Type:      Error
Event Source:      LsaSrv
Event Category:      Security Package Manager
Event ID:      5000
Date:            4/6/2006
Time:            7:46:37 PM
User:            N/A
Computer:      MUMBAI
Description:
The security package NTLM generated an exception.  The exception information is the data.


at 7:43...I got just one of these

Event Type:      Error
Event Source:      Kerberos
Event Category:      None
Event ID:      7
Date:            4/6/2006
Time:            7:43:47 PM
User:            N/A
Computer:      MUMBAI
Description:
The kerberos subsystem encountered a PAC verification failure.  This indicates that the PAC from the client mumbai$ in realm TEST.COM had a PAC which failed to verify or was modified.  Contact your system administrator.



at 10:50pm...I got some of these

Event Type:      Warning
Event Source:      W3SVC
Event Category:      None
Event ID:      1014
Date:            4/6/2006
Time:            10:50:37 PM
User:            N/A
Computer:      MUMBAI
Description:
The World Wide Web Publishing Service encountered an internal error in its process management of worker process '0' serving application pool 'DefaultAppPool'. The data field contains the error number.

All along I was getting DNS 4016 error then at 7:40 AM this morning the server restarted and gave LAss error saying check to make sure active directory is wroking properly....It does this every couple of days....

My DNS is configured correctly and I do not have any other errors.

Today, I configured an external time source to time.nist.gov or something...

Please help.



0
birenshukla
Asked:
birenshukla
  • 4
  • 3
1 Solution
 
Jay_Jay70Commented:
Hi birenshukla,

i would be checking for malware - run all virus scans you can on the server

also rund dcdiag to see what it says

Cheers!
0
 
TheCleanerCommented:
For syncing time, all you need to configure is your "PDC" to sync with either an external time source or a router or firewall that syncs with an external source.

To set your DC to do this, it's:

net time /setsntp:timeprovider

That's it, then stop and start the w32time service.

Your other DCs will sync their time with the "PDC" and the workstations will sync their time with their login DC.

Make sure your firewall is allowing NTP traffic to sync as needed.
0
 
birenshuklaAuthor Commented:
Ok. I have configured my single domain controller to external time source time.nist.gov... I restarted W32 time service and opened UDP 123 on firewall. I tried to ping time.nist.gov and it fails. I also ran dcdiag and following are the results. Everything passes except the time test.

Do I really need to syncronize with external time source since I have a single DC? Can I use my router IP address as SETSNTP since my router does syncronize?

I added my router as my NTP Client time source and the test still failed. Can I just disable NTPCLient...I really dont need external time source syncronization...Any sugggestions?

The dcdiag test still shows the NTPClient syncronization failed.

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
birenshuklaAuthor Commented:
DHCP is on the router.
0
 
TheCleanerCommented:
You won't be able to ping time.nist.gov.

Yes you can sync with your router, as long as it is syncing with an external source.  Technically your internal network doesn't HAVE to sync externally, just better that you have the right time internally.  Internally the only thing that matters for Kerberos is that (by default) the time on all systems is within 5 minutes of the DCs time.

Do this for the "PDC".

1.  net stop w32time
2.  net time /setsntp:routerIP
3.  net start w32time

look for the next 15 minutes in the system event log.  You are wanting to see and event that says the time service is syncing successfully with the router's IP.

0
 
birenshuklaAuthor Commented:
at first it said that it is syncronizing and then it said that it is receving invalid data from time.nist.gov....and then the server restarted. what is going on please hlp? So no matter if I set external time source to time.nist.gov or to the router the w32time service says that receiving invalid data. Please help.
0
 
birenshuklaAuthor Commented:
how do i know if my router is syncing with external time source. It does not look like it...since immediately after it says syncing time with time source....it says unable to contact time source or receving invalid data...
0
 
TheCleanerCommented:
try a different time source...go with a stratum 2 in your area.

http://www.eecis.udel.edu/~mills/ntp/clock2a.html
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now