Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Server not operational

Posted on 2007-08-02
Medium Priority
Last Modified: 2012-06-21
I have a simple AD network consisting of 2 domain controllers, and some member servers.
All FSMO roles are on server named MDC, both servers run DNS, DHCP, WINS, both are Global Catalog servers
Both servers point to themselves for the DNS resolution.

When trying to open Active Directory Users and Computers or Active Directory Sites and services I will get following errors (they are intermittent and sometimes they will pop up, but than I try again and am able to get to the console)

The Directory Schema is not accessible bacause:
An Iinvalid directory path name was passed
For this reason, The New menu may be inaccurate, and extension snap-ins may not work properly.

followed by:

Data from Active Directory Users and Computers [MDC.domain.com]is not available from domain controller MDC.domain.com bacause:
The server is not operational
Try again later, or choose another domain controller by selecting Connect to Domain Controller on the Domain Context menui

Nameing information cannot be located for the following reason:
Server in not operational

How do I correct that?

Group Policies would not work and I get following error frequently on all servers:

Source: userenv
Category: None
Evant ID: 1030
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

Above error are more frequent on the server holding FSMO roles (MDC is the mane of the server)
I have tried to move FSMO roles to MBKP, but it did not fix the problem.
Question by:pyotrek
  • 3
  • 2
LVL 13

Accepted Solution

ocon827679 earned 2000 total points
ID: 19620719
Take a look at replmon and see if you are replicating properly.  You might want to point DNS to the first DNS server created for both machines, then restart NETLOGON on each to ensure that the SRV records are re-registered properly.

Author Comment

ID: 19620832
In replmon I do not see any servers when trying to add them for monitoring.
If I try to add servers by name I am bale to monitor MBKP but not MDC (which is the server with the problem) I get message that I have no access rights.

Just tried again and it worked - intermitent problem consistent with what was happening before.

I did change DNS to point to MDC on both servers and restarteg Netlogon - still the same problem.

Expert Comment

ID: 19621357
Log on to one of your DCs and run "DCDIAG /e" from the command-line then let us know of any errors
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

LVL 13

Expert Comment

ID: 19624315
Also look in your systel event logs.  Sounds like you might have a connectivity problem.

Author Comment

ID: 19625853

Not sure what solved the problem, but it looks like it is not there anymore.
Maybe after restarting netlogon I was too impatient, maybe it needed some time to replicate the changes ? who knows ?
Right aftre I have pointed both servers to the same DNS and restarting the Netlogon - I had still the same issues. Replmon was not allowing me to "vie" the servers in domain. After the second post was posted (2 hours later) - I tried to run DCDIAG /e - I have noticed that I have no errors there anymore?!?!?!? So I went to the event logs and tried to start MMC atc - and everything worked. Waited until today and still no errors.
I guess the points should go to ocon827679 - THANKS
LVL 13

Expert Comment

ID: 19626298
Thanks - and you are right about being patient with replication.  

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question