Article ID: 257187 - View products that this article applies to.
This article was previously published under Q257187
NoticeThis article applies to Windows 2000. Support for Windows 2000 ends on July 13, 2010. The Windows 2000 End-of-Support Solution Center
(https://support.microsoft.com/?scid=http%3a%2f%2fsupport.microsoft.com%2fwin2000)is a starting point for planning your migration strategy from Windows 2000. For more information see the Microsoft Support Lifecycle Policy
When you view the status of Active Directory replication between two domain controllers, the following error messages may be displayed for the result of the last replication attempt.
Error message 1
The RPC server is unavailable.
Error message 2
The RPC server is too busy to complete this operation.
Error message 3
These error messages may be reported in the Event log through Active Directory Replication Monitor (Replmon.exe) from the Windows 2000 Support Tools or in Repadmin.exe from the Windows 2000 Support Tools.
Access is denied.
This problem occurs because the time service does not record an event in the Event log when the Windows Time service is configured to synchronize time against a specific host and that host is not available.
By default, Windows 2000-based computers synchronize time. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
216734However, this behavior can be overridden by specifying a time server as described in the article.
(https://support.microsoft.com/kb/216734/ )How to configure an authoritative time server in Windows 2000
If the time server is not available and the time difference between domain controllers drifts beyond the skew allowed by Kerberos, authentication between the two domain controllers may not succeed and the RPC error messages can result.
Service pack informationTo resolve this problem, obtain the latest service pack for Windows 2000. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
(https://support.microsoft.com/kb/260910/ )How to obtain the latest Windows 2000 service pack
One method of synchronizing time amongst domain controllers is to use the net time command to synchronize the time with the computer that holds the Primary Domain Controller (PDC) Operations Master role.
Note If you do not know the name of your PDC, please contact your network administrator.
To synchronize the time with the PDC, use the following command.
net time \\mypdc /set /yThis command instructs the local computer to synchronize its time with the server named Mypdc. The /set option specifies that the time not only be queried, but synchronized with the specified server. The /y switch skips the confirmation for changing the time on the local computer.
Another method is to use the W32tm.exe tool that is included with Windows 2000 to determine if a time server is explicitly configured for the local computer and if synchronizations against that host are not working. At a command prompt on the server displaying the error messages, type the following command:
w32tm.exe -vIn the following sample output, a time server named MYTIMESERVER has been configured, but it is unreachable by the local computer:
This article also fixes an incorrect calculation in the round trip which under certain conditions causes W32TIME and W32TM to potentially set the system time about 65 seconds ahead of real time.
W32Time: BEGIN:GetSocketForSynch W32Time: NTP: ntpptrs - MYTIMESERVER W32Time: rgbNTPServer MYTIMESERVER W32Time: NTP: gethostbyname failed W32Time: Port Pinging to - 123 W32Time: NTP: connect failed W32Time: END:Line 1147
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows 2000 Service Pack 2.
Article ID: 257187 - Last Review: February 28, 2007 - Revision: 4.4