RPC error messages are returned for Active Directory replication when time is out of synchronization

This article was previously published under Q257187
This article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy.
This article has been archived. It is offered "as is" and will no longer be updated.
When you view the status of Active Directory replication between two domain controllers, the following error messages may be displayed for the result of the last replication attempt.
Error message 1
The RPC server is unavailable.
Error message 2
The RPC server is too busy to complete this operation.
Error message 3
Access is denied.
These error messages may be reported in the Event log through Active Directory Replication Monitor (Replmon.exe) from the Windows 2000 Support Tools or in Repadmin.exe from the Windows 2000 Support Tools.
This problem occurs because the time service does not record an event in the Event log when the Windows Time service is configured to synchronize time against a specific host and that host is not available.

By default, Windows 2000-based computers synchronize time.For more information, click the following article number to view the article in the Microsoft Knowledge Base:
216734 How to configure an authoritative time server in Windows 2000
However, this behavior can be overridden by specifying a time server as described in the article.

If the time server is not available and the time difference between domain controllers drifts beyond the skew allowed by Kerberos, authentication between the two domain controllers may not succeed and the RPC error messages can result.

Service pack information

To resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to obtain the latest Windows 2000 service pack
One method of synchronizing time amongst domain controllers is to use the net time command to synchronize the time with the computer that holds the Primary Domain Controller (PDC) Operations Master role.

Note If you do not know the name of your PDC, please contact your network administrator.

To synchronize the time with the PDC, use the following command.
net time \\mypdc /set /y
This command instructs the local computer to synchronize its time with the server named Mypdc. The /set option specifies that the time not only be queried, but synchronized with the specified server. The /y switch skips the confirmation for changing the time on the local computer.

Another method is to use the W32tm.exe tool that is included with Windows 2000 to determine if a time server is explicitly configured for the local computer and if synchronizations against that host are not working. At a command prompt on the server displaying the error messages, type the following command:
w32tm.exe -v
In the following sample output, a time server named MYTIMESERVER has been configured, but it is unreachable by the local computer:
   W32Time:       BEGIN:GetSocketForSynch   W32Time:          NTP: ntpptrs[0] - MYTIMESERVER   W32Time:          rgbNTPServer MYTIMESERVER   W32Time:          NTP: gethostbyname failed   W32Time:          Port Pinging to - 123   W32Time:          NTP: connect failed   W32Time:       END:Line 1147				
This article also fixes an incorrect calculation in the round trip which under certain conditions causes W32TIME and W32TM to potentially set the system time about 65 seconds ahead of real time.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 2.

Article ID: 257187 - Last Review: 12/05/2015 19:04:28 - Revision: 4.4

Microsoft Windows 2000 Server, Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Datacenter Server

  • kbnosurvey kbarchive kbhotfixserver kbqfe kbbug kbenv kberrmsg kbrpc KB257187