  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 425

Windows Server 2003 AD Domain Site Unable to Locate PDCe

Hi,
I have a single forest/domain with two sites. DC1 (all FSMO roles) and DC2 (GC) are in Site A (subnet 10.x.x.x) located in LA and DC3 (GC) is in Site B (subnet 172.x.x.x) located in Austin. The link from Site A to B is using IP as the transport. DC1 & 2 events are clean and systems are fully functional. DC3 DNS, AD & Sysvol replication has been tested and is working properly; however, in the event logs there are the following:
*Event ID 36 W32Time – The time service has not synchronized… (how do you sync a server in a different site and also in a different time zone?)
*Event ID 5719 Netlogon – Not able to set up a secure session with a DC…
*Event ID 3096 Netlogon – The PDC for this domain could not be located…
*Event ID 3019 MRxSmb – The redirector failed to determine the connection type

Also, running dcdiag on the DC3 reports that it cannot find the PDC in the domain.

Anyone?
Thanks,

muffin
 
vanbarsoun Commented:
Sounds like either a DNS issue on GC3 or perhaps a firewall blocking communication between sites A and B.
 
hydrokid Commented:
1) Ensure all FW off
2) Point the DNS server for DC3 to the PDC DNS
3) Do an nltest /v and dcdiag /v /fix for more information
4) Ensure sites & services are properly set up
 
Jeffrey (Author) Commented:
I have verified that all of the appropriate network ports are open between DCs and Sites. Today I also got an Event ID 8003 "Master Browser Election..." on DC3 because another system reported that it thinks it's the Master Browser. Is that normal?
I ran the dcdiag as suggested even though I stated in my original post that I had done so and got the same results. PDC not found. I'm not sure of the nltest /v settings needed. I'm not sure what I'm looking for with this test.
Any other suggestions?
Thanks
 
65td Commented:
I would configure DC3 to use an external NTP server.
Is DC1 using an external NTP source?

http://support.microsoft.com/kb/216734/

 
Jeffrey (Author) Commented:
Hi, thanks for your response. DC1 is using an external source and the rest of the domain is supposed to look to it for time. So, I should set DC3 to use an external source and the rest of that subnet will look to it for time?
 
Malajlo Commented:
Disable external NTP sources on all servers except on one DC (PDC).
Restart the Netlogon service on all other servers that appear to be master browser (there is an MS tool, search for it; I used it last week to solve mbrx or something).
For different time zones, check regional settings. But servers communicate in UTC.
Next, your server must point to proper DNS. Use ipconfig /all to check.
Secure channels point to misconfigured DNS.
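
The checks suggested in the answers above (DNS pointing, locating the PDC, secure channel, time source), collected as a batch script to run on DC3. This is an added example, not part of the original thread: the domain name argument (placeholder `corp.example`) and the `fixtime` switch are assumptions, and step 7 follows Malajlo's advice that only the PDC uses an external NTP source.

```batch
@echo off
rem Added example: read-only checks to run on DC3, plus an optional time fix.
rem Assumption: pass the AD DNS domain name as %1 (placeholder: corp.example).
rem nltest and netdom come from the Windows Server 2003 Support Tools.
setlocal
if "%~1"=="" (echo Usage: %~n0 ^<dns-domain^> [fixtime] & exit /b 2)
set DOMAIN=%~1

echo === 1. First DNS server this DC queries ===
ipconfig /all | findstr /i /c:"DNS Servers"

echo === 2. SRV record registered by the PDC emulator ===
nslookup -type=SRV _ldap._tcp.pdc._msdcs.%DOMAIN% | findstr /i /c:"svr hostname"
if errorlevel 1 echo FAIL: configured DNS server returned no PDC SRV record

echo === 3. DC locator: ask for the PDC, bypassing the cache ===
nltest /dsgetdc:%DOMAIN% /pdc /force
if errorlevel 1 echo FAIL: locator cannot find the PDC (see Netlogon 3096)

echo === 4. Secure channel state (see Netlogon 5719) ===
nltest /sc_query:%DOMAIN%

echo === 5. FSMO role holders as seen from this DC ===
netdom query fsmo

echo === 6. Time offset of each DC relative to the PDC ===
w32tm /monitor /domain:%DOMAIN%

rem Steps 1-6 change nothing. Step 7 runs only when "fixtime" is passed.
if /i not "%~2"=="fixtime" goto :eof
echo === 7. Sync from the domain hierarchy instead of a manual peer ===
w32tm /config /syncfromflags:domhier /update
w32tm /resync /rediscover
```

If step 2 fails while step 1 shows a DNS server that does not host the AD zone, the Netlogon 3096 and 5719 events and the W32Time event 36 all share that one cause, since DC3 finds its time source through the same locator.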