Windows 2003 DC PDC Emulator not advertising as time server

There are a lot of articles on this subject, and I tried many of them before posting this, so here's where I am at.  We have a multi-site single-domain AD forest.  All DCs are running Windows 2003 SP2.

Over the weekend, we had to re-IP our datacenter (where the PDC emulator sits) to bring our address scheme into compliance with the company that just acquired us.  Since that time, when I run DCDIAG on the PDC emulator, all tests pass except this one:

Starting test: Advertising
   Warning: MASTER is not advertising as a time server.
   ......................... MASTER failed test Advertising

Here MASTER is the name of the PDC emulator.

What have I done?

I have unregistered and re-registered the w32tm service (after backing up the registry key) so I could start with a clean slate.

Once I had a clean slate, I changed
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type to NTP from NTDS5
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags from 10 to 5
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\Enabled from 0 to 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer to ntp0.cornell.edu,0x1

Then I stopped and restarted w32time

To check communication with the external time source, I ran nslookup ntp0.cornell.edu and it returned:

Server:  master.XXXXX.com
Address:  192.168.60.11

Non-authoritative answer:
Name:    dns3.cit.cornell.edu
Address:  132.236.56.250
Aliases:  ntp0.cornell.edu

Then I ran w32tm /resync /rediscover

It completed without errors.

I checked the event log and I had a message 37 "The time provider NtpClient is currently receiving valid time data from ntp0.cornell.edu (ntp.m|0x1|192.168.60.11:123->132.236.56.250:123)." and a message 35 "The time service is now synchronizing the system time with the time source ntp0.cornell.edu (ntp.m|0x1|192.168.60.11:123->132.236.56.250:123)."

After doing that, another run of DCDIAG still returns the same message that MASTER is not advertising as a time server.  Other DCs are logging event 38 "The time provider NtpClient cannot reach or is currently receiving invalid time data from master.XXXXXX.com (ntp.m|0x0|192.168.63.10:123->192.168.60.11:123)."

I am at a loss... prior to the above set of steps I tried things like NET TIME /SETSNTP:ntp0.cornell.edu... which completed without errors, but I still can't get my PDC emulator to advertise as a time server...
seaconAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

g000seCommented:
Hi,

It may be a replication issue.  How is the replication between the DC's?  Is there any replication warnings or errors in the event logs?
0
seaconAuthor Commented:
Initially, there were some errors as we created a new reverse lookup zone for the site that the PDC emulator was in (and changed its info in AD sites and services) and deleted the old info, but they disappeared after all of the DNS changes had propagated (we're running AD-integrated DNS).  

Running repadmin /showism /verbose shows:



==== TRANSPORT CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com CONNECTIVITY INFORMATION FOR 6 SITES: ====



        0,    1,    2,    3,    4,    5

Site(0) CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com

    0:0:0, 80:180:0, 60:180:0, 120:180:0, 90:180:0, 90:180:0

    All DCs in site CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (with trans & hosting NC) are bridgehead candidates.

    Schedule between CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 80, interval 180):

        Connection is always available.

    Schedule between CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 60, interval 180):

        Connection is always available.

    Schedule between CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 120, interval 180):

        Connection is always available.

    Schedule between CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.

    Schedule between CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.



Site(1) CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com

    80:180:0, 0:0:0, 20:180:0, 80:180:0, 50:180:0, 50:180:0

    All DCs in site CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (with trans & hosting NC) are bridgehead candidates.

    Schedule between CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 80, interval 180):

        Connection is always available.

    Schedule between CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 20, interval 180):

        Connection is always available.

    Schedule between CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 80, interval 180):

        Connection is always available.

    Schedule between CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 50, interval 180):

        Connection is always available.

    Schedule between CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 50, interval 180):

        Connection is always available.



Site(2) CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com

    60:180:0, 20:180:0, 0:0:0, 60:180:0, 30:180:0, 30:180:0

    All DCs in site CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (with trans & hosting NC) are bridgehead candidates.

    Schedule between CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 60, interval 180):

        Connection is always available.

    Schedule between CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 20, interval 180):

        Connection is always available.

    Schedule between CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 60, interval 180):

        Connection is always available.

    Schedule between CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 30, interval 180):

        Connection is always available.

    Schedule between CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 30, interval 180):

        Connection is always available.



Site(3) CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com

    120:180:0, 80:180:0, 60:180:0, 0:0:0, 90:180:0, 90:180:0

    All DCs in site CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (with trans & hosting NC) are bridgehead candidates.

    Schedule between CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 120, interval 180):

        Connection is always available.

    Schedule between CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 80, interval 180):

        Connection is always available.

    Schedule between CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 60, interval 180):

        Connection is always available.

    Schedule between CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.

    Schedule between CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.



Site(4) CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com

    90:180:0, 50:180:0, 30:180:0, 90:180:0, 0:0:0, 60:180:0

    All DCs in site CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (with trans & hosting NC) are bridgehead candidates.

    Schedule between CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.

    Schedule between CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 50, interval 180):

        Connection is always available.

    Schedule between CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 30, interval 180):

        Connection is always available.

    Schedule between CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.

    Schedule between CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 60, interval 180):

        Connection is always available.



Site(5) CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com

    90:180:0, 50:180:0, 30:180:0, 90:180:0, 60:180:0, 0:0:0

    All DCs in site CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (with trans & hosting NC) are bridgehead candidates.

    Schedule between CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Augusta,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.

    Schedule between CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Cambridge,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 50, interval 180):

        Connection is always available.

    Schedule between CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Datacenter,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 30, interval 180):

        Connection is always available.

    Schedule between CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Framingham,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 90, interval 180):

        Connection is always available.

    Schedule between CN=RockyHill,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com and CN=Manchester,CN=Sites,CN=Configuration,DC=XXXXXX,DC=com (cost 60, interval 180):

        Connection is always available.

Is there something else I can check to make sure that replication is working properly?
0
ChandarSCommented:

To check the server is Advertise as Time Server or not ...

Go to any client machine.

ran the below command

1) w32tm /resync

2) w32tm /stripchart /computer:PDC Server Name

Note: Check there is any GPO is applied or not through rsop.msc command.

Pls paste the result for fruther steps.

After that if there is still issue on the server the follow the below article and paste the result.

http://support.microsoft.com/kb/816043


Regards,
Chandar Singh
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

seaconAuthor Commented:
@ ChandarS:

C:\>w32tm /resync
Sending resync command to local computer...
The command completed successfully.

C:\>w32tm /stripchart /computer:master.XXXXXX.com
Tracking master.XXXXXX.com [192.168.60.11].
The current time is 3/23/2010 10:33:15 PM (local time).
22:33:15 d:+00.0000000s o:+00.4267035s  [                           |*                          ]
22:33:17 d:+00.0000000s o:+00.4094527s  [                           |*                          ]

Part of the problem is that if I force a resync, it happens, but then later I get w32time errors in the event log that it can't sync itself, and DCDIAG on the PDC still returns the "Failed Advertising" result.

Running rsop.msc on a client says that there is no Source GPO for Windows Time; I don't know what other GPO would apply.

I have turned on debugging with a 10 MB file size; I will post the results in the morning.
0
g000seCommented:
0
seaconAuthor Commented:
@g000se:

From your link:
Running dcidag /v /test:advertising returns:
Testing server: Datacenter\MASTER
      Starting test: Advertising
         The DC MASTER is advertising itself as a DC and having a DS.
         The DC MASTER is advertising as an LDAP server
         The DC MASTER is advertising as having a writeable directory
         The DC MASTER is advertising as a Key Distribution Center
         Warning: MASTER is not advertising as a time server.
         The DS MASTER is advertising as a GC.
         ......................... MASTER failed test Advertising

-- this is nothing new

Running dcdiag /v /test:fsmocheck returns:
Starting test: FsmoCheck
   GC Name: \\master.XXXXXX.com
   Locator Flags: 0xe00001bd
   PDC Name: \\master.XXXXXX.com
   Locator Flags: 0xe00001bd
   Time Server Name: \\memaster.XXXXXX.com
   Locator Flags: 0xe0000178
   Preferred Time Server Name: \\nhmaster.XXXXXX.com
   Locator Flags: 0xe0000178
   KDC Name: \\master.XXXXXX.com
   Locator Flags: 0xe00001bd
   ......................... XXXXXX.com passed test FsmoCheck

--I don't know how to interpret this one.  It seems to be saying that different remote office DCs have seperately taken on the time server and preferred time server roles.  How do I fix this?

In the resolution section, w32time is running already, and I have restarted it many times (and just did again).

Running w32tm /stripchart /computer:ntp0.cornell.edu /samples:2 /dataonly returns:
Tracking ntp0.cornell.edu [132.236.56.250].
Collecting 2 samples.
The current time is 3/24/2010 9:35:29 AM (local time).
09:35:29, +00.0172150s
09:35:31, +00.0163257s

--No errors here (Port 123 is open on our firewall)

Running netdiag /fix returns:
......................................

    Computer Name: MASTER
    DNS Host Name: master.XXXXXX.com
    System info : Microsoft Windows Server 2003 (Build 3790)
    Processor : x86 Family 15 Model 6 Stepping 4, GenuineIntel
    List of installed hotfixes :
        KB924667-v2
        KB925398_WMP64
        KB925902
        KB927891
        KB929123
        KB930178
        KB931784
        KB931836
        KB932168
        KB933729
        KB933854
        KB935839
        KB935840
        KB936021
        KB936357
        KB936782
        KB938127
        KB941569
        KB941693
        KB942288-v4
        KB942831
        KB943055
        KB943460
        KB943485
        KB944338-v2
        KB944653
        KB945553
        KB946026
        KB948003
        KB948496
        KB948590
        KB948745
        KB949014
        KB950762
        KB950974
        KB951066
        KB951072-v2
        KB951698
        KB951746
        KB951748
        KB952954
        KB953838
        KB953839
        KB968915
        Q147222

Netcard queries test . . . . . . . : Passed

Per interface results:

    Adapter : Local Area Connection

        Netcard queries test . . . : Passed

        Host Name. . . . . . . . . : master
        IP Address . . . . . . . . : 192.168.60.11
        Subnet Mask. . . . . . . . : 255.255.255.0
        Default Gateway. . . . . . : 192.168.60.14
        Primary WINS Server. . . . : 192.168.60.11
        Dns Servers. . . . . . . . : 192.168.60.11

        AutoConfiguration results. . . . . . : Passed
        Default gateway test . . . : Passed
        NetBT name test. . . . . . : Passed
        [WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names is missing.
        WINS service test. . . . . : Passed

Global results:
Domain membership test . . . . . . : Passed
NetBT transports test. . . . . . . : Passed
    List of NetBt transports currently configured:
        NetBT_Tcpip_{6E664234-6DBE-4B8E-8899-F8C09FCEF084}
    1 NetBt transport currently configured.
Autonet address test . . . . . . . : Passed
IP loopback ping test. . . . . . . : Passed
Default gateway test . . . . . . . : Passed
NetBT name test. . . . . . . . . . : Passed
    [WARNING] You don't have a single interface with the <00> 'WorkStation Service', <03> 'Messenger Service', <20> 'WINS' names defined.
Winsock test . . . . . . . . . . . : Passed
DNS test . . . . . . . . . . . . . : Passed
    PASS - All the DNS entries for DC are registered on DNS server '192.168.60.11' and other DCs also have some of the names registered.
Redir and Browser test . . . . . . : Passed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{6E664234-6DBE-4B8E-8899-F8C09FCEF084}
    The redir is bound to 1 NetBt transport.
    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{6E664234-6DBE-4B8E-8899-F8C09FCEF084}
    The browser is bound to 1 NetBt transport.
DC discovery test. . . . . . . . . : Passed
DC list test . . . . . . . . . . . : Passed
Trust relationship test. . . . . . : Skipped
Kerberos test. . . . . . . . . . . : Passed
LDAP test. . . . . . . . . . . . . : Passed
Bindings test. . . . . . . . . . . : Passed
WAN configuration test . . . . . . : Skipped
    No active remote access connections.
Modem diagnostics test . . . . . . : Passed
IP Security test . . . . . . . . . : Skipped

Running w32tm /resync /rediscover returns "the command completed successfully" as it always has.

Running netdom query fsmo returns:
Schema owner                master.XXXXXX.com
Domain role owner           master.XXXXXX.com
PDC role                    master.XXXXXX.com
RID pool manager            master.XXXXXX.com
Infrastructure owner        master.XXXXXX.com

Running w32tm /config /manualpeerlist:ntp0.cornell.edu /syncfromflags:manual /reliable:yes /update returns "the command completed successfully"

With repsect to AnnounceFlags, http://support.microsoft.com/kb/816042 makes it clear (under the section "Configuring the Windows Time service to use an external time source" that AnnounceFlags should be set to 5, not a (a would be appropriate for a member server or non-PDC emulator-DC)

After all of this, dcdiag still returns that MASTER is not advertising as a time server... so I am back to square one.

0
seaconAuthor Commented:
@ChandarS

I have attached the debug log for the windows time service to this update.  It is 10 MB in size but contains about 12 hours of data.
w32time.txt
0
ChandarSCommented:
I have gone through the log file, It seems every thing is running fine.

I suggest to apply the Hotfix

http://support.microsoft.com/kb/830092

Reg,
Chandar Singh
0
seaconAuthor Commented:
@ChandarS

According to the MSKB article you reference, "this hotfix has the file attributes (or later file attributes) that are listed in the following table:  W32time.dll 5.2.3790.125 221,696 31-Jan-2004"

When I examine the W32time.dll file in my C:\Windows\System32 folder it is version 5.2.3790.3959 with a date of 17-Feb-2007, so it would appear that I am already covered.
0
g000seCommented:
May I suggest transferring the PDC emulator role to another DC on the same domain and local network.  This will save you some time and frustration.
0
seaconAuthor Commented:
After spending a goodly amount of time on this, I discovered that under Local Computer Policy on the PDC emulator, Computer Configuation\Administrative Templates\System\Windows Time Service\Global Configuration Settings was set to 'Enabled' and one of the settings (AnnounceFlags) was set to 0x4 rather than 0x5.  When I changed the GPO from 'Enabled' to 'Not Configured', restarted the time service and ran w32tm /resync /rediscover, DCDIAG now returned that my PDCe was advertising as a time server.  After fixing that, I confirmed that, on my domain's other DCs, HKLM\SYSTEM\CurrentControlSet\Services\w32time\Parameters\Type was set to NT5DS (rather than NTP, which should only be set on the PDCe).  Running w32tm /config /update and w32tm /resync /rediscover on the other DCs then caused event 37 (The time provider NtpClient is currently receiving valid time data from master.XXXXXX.com) and event 35 (The time service is now synchronizing the system time with the time source master.XXXXX.com) to be reported.  Since that time there have been no additional w32time errors on any of our DCs, and running w32tm /monitor from client machines shows that all DCs are within 0.05 seconds of the PDCe.

ChandarS's suggestion to check GPOs (and me going back to check them AGAIN) is the only thing that pointed me to the solution.

Thank you!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.