• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 427
  • Last Modified:

Windows Server 2003 AD Domain Site Unable to Locate PDCe

I have a single forest/domain with two sites. DC1(all FSMO roles) and DC2(GC) are in Site A(subnet 10.x.x.x) located in LA and DC3(GC) is Site B(subnet 172.x.x.x) located in Austin. The link from Site A to B is using IP as the transport. DC1 & 2 events are clean and systems are fully functional. DC3 DNS, AD & Sysvol replication has been tested and working properly, however in the event logs there are the following:
*Event ID 36 W32Time – The time service has not synchronized…(how do you sync a server in a different site and also in a different time zone?
*Event ID 5719 Netlogon – Not able to set up a secure session with a DC…
*Event ID 3096 Netlogon – The PDC for this domain could not be located…
*Event ID 3019 MRxSmb – The redirector failed to determine the connection type

Also, running dcdiag on the DC3 reports that it cannot find the PDC in the domain.


1 Solution
Sounds like either a DNS issue on GC3 or perhaps a firewall blocking communication between sites A and B.
1) Ensure all FW off
2) Point the DNS server for DC3 to the PDC DNS
3) do a nltest /v and dcdiag /v /fix for more information
4) ensure sites & service are properly setup
JeffreyAuthor Commented:
I have verified that all of the appropriate network ports are open between DC's and Sites. Today I also got an Event ID 8003 "Master Browser Election..." on DC3 because another system reported that it thinks it's the Master Browser. Is that normal?
I ran the dcdiag as suggested even though I stated in my original post that I had done so and got the same results. PDC not found. I'm not sure of the nltest /v settings needed. Im not sure what I'm looking for with this test.
Any other suggestions?
Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

I would configure DC3 to use an external NTP server.
Is DC1 using an external NTP source?


JeffreyAuthor Commented:
Hi, thanks for your response. DC1 is using an exerternal source and the rest of the domain is supposed to look to it for time. So, I shouild set DC3 to use an external source and the rest of that subnet will look to it for time?
disable external ntp sources on all servers except on one dc (pdc).
restart netlogon service in all other servers that appear to be master browser (there is ms tool, search for it, I used it last week to solve mbrx or something).
for different timezones, check regional settings. But servers communicate in utc...).
next, your server must point to propper dns. use ipconfig /all to check.
secure channels points to misconfigured dns.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now