如何强制域控制器与PDC同步?
DC2 ( VM)不能与DC1 (物理服务器)同步。在DC2上我得到:
PS C:\> w32tm /query /source
Local CMOS Clock为了使DC2与DC1同步作为时间来源,我必须做什么?
背景:我必须替换DC1,这是我的操作大师。没有机会优雅地降级DC1;它只是从域中消失了。当我成功地重新创建DC1时,DC2是操作的主人。and正确复制后,我将fsmo角色转移到新的DC1,并将DC1设置为"0.us.pool.ntp.org“。DC1返回一个很好的条带图。我再次确认所有fsmo角色都设置为DC1。我已经确认了用于DC2的Hyper集成服务没有检查时间同步.
我花了一些时间研究这个问题,但是到目前为止还没有找到将w32tm从它的CMOS时钟中移出DC2的序列/命令。在这一点上,我需要一点帮助或提醒如何做到这一点。
在初始帖子之后添加:我确实发现了以下DC2 dcdiag错误:
Starting test: Advertising
Warning: VSVR-WBC-DC02 is not advertising as a time server.
......................... VSVR-WBC-DC02 failed test Advertising
A warning event occurred. EventID: 0x00000081
Time Generated: 12/27/2018 14:50:05
Event String:
NtpClient was unable to set a domain peer to use as a time source
because of discovery error. NtpClient will
try again in 15 minutes and double the reattempt interval thereafter.
The error was: The entry is not found. (0x800706E1)
Running enterprise tests on : wbc.local
Starting test: LocatorCheck
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 1355
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed,
A Good Time Server could not be located.
......................... wbc.local failed test LocatorCheck和DC1诊断错误:
Starting test: Advertising
Warning: DsGetDcName returned information for \\vsvr-wbc-dc02.wbc.local,
when we were trying to reach SVR-WBC-DC01.
SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
......................... SVR-WBC-DC01 failed test Advertising
Starting test: NetLogons
Unable to connect to the NETLOGON share! (\\SVR-WBC-DC01\netlogon)
[SVR-WBC-DC01] An net use or LsaPolicy operation failed with error
67, The network name cannot be found..
Starting test: SystemLog
A warning event occurred. EventID: 0x0000002F
Time Generated: 12/27/2018 14:56:32
Event String:
Time Provider NtpClient: No valid response has been received from
manually configured peer 0.us.pool.ntp.org
after 8 attempts to contact it. This peer will be discarded as a
time source and NtpClient will attempt to discover a new peer
with this DNS name. The error was: The peer is unreachable.
Running enterprise tests on : wbc.local
Starting test: LocatorCheck
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
......................... wbc.local failed test LocatorCheck回答 1
Server Fault用户
发布于 2018-12-31 20:58:13
这个答案解决了我的问题,但它不一定是对别人发布的问题的直接回答。我之所以提供这个答案,是因为另一个人可能会带着同样的问题来到这里,而事实上,这个问题与格雷格·阿斯凯( Greg )的第一个评论有很大的不同。
对我来说,真正的问题是SYSVOL和NETLOGON的股票没有出现在新的域控制器上,我应该检查一下早期的愚蠢错误。在功率壳中可以看到:
PS C:\>net share当这些卷不存在时,就会出现更大的问题。在我的案例中,DCDIAG报告了失败的广告,这是过于笼统的问题。
根据这个微软支持页面,我的特殊问题通过强制对DFSR复制的SYSVOL进行权威同步来解决。
对我来说,过去失败的广告是因为PDC的时间源不能正常工作。这一经验使我对这个问题的性质得出结论,但这一结论是不正确的。
如果PDC时间源是问题,则此服务器故障邮政可能是有价值的。
因为我突然删除了一个域控制器而没有优雅的降级,所以我还需要清理元数据。虽然我在Active Directory用户和计算机以及Active Directory站点和计算机中正确地做到了这一点,但我在DNS中没有做到这一点。我清理DNS的经验是,整个DNS都存在丢失的域控制器,我必须遍历每个子树来查找对旧控制器的引用,有时只是通过IP或其他一些数字标识,因为旧的域服务器名称在某些DNS条目中丢失了。
感谢上面的评论为我指明了正确的方向。
https://serverfault.com/questions/946818
复制相似问题
腾讯云开发者
