Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

You cannot log on to the domain, join a computer to the domain, or run the Active Directory Installation Wizard (Dcpromo.exe) in Windows Server 2003


View products that this article applies to.

Symptoms

Symptom 1

When you try to join a Windows Server 2003-based computer to a domain, the operation may not be successful. Additionally, you receive the following error message:
Domain Controller for this domain could not be contacted.

Symptom 2

When you try to remove Active Directory from a domain controller in a Windows Server 2003-based computer in the same domain by using another domain controller, you may receive the following error message:
The check box that indicates that this domain controller is the last controller for the domain domain name is not selected. However no other Active Directory Controller for this domain can be contacted.

Symptom 3

When you run the dcdiag.exe command prompt utility on a Windows Server 2003-based computer, the operation is unsuccessful. The following errors are logged:
Starting test: NetLogons
* Network Logons Privileges Check
......................... REPLAY-SERVER passed test NetLogons
Starting test: Advertising
Fatal Error:DsGetDcName (REPLAY-SERVER) call failed, error 1355
The Locator could not find the server.
......................... REPLAY-SERVER failed test Advertising
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
A Global Catalog Server could not be located - All GC's are down.
PDC Name: \\Replay-server.broadgate.local
Locator Flags: 0xe00003fd
Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 1355
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
A KDC could not be located - All the KDCs are down.
......................... broadgate.local failed test FsmoCheck

↑ Back to the top


Cause

This problem occurs because the domain controller that is present in the domain is not identifying itself as the domain controller. This indicates that the Sysvol and the Netlogon folders are not shared. This problem may occur when the policies and scripts that are stored in the %Windows%Sysvol\Sysvol\DomainName folder are not available.

The policies and scripts may not be available in the following scenarios.

Scenario 1

The Policies and Scripts folders may be missing completely.

Scenario 2

The Policies and Scripts folders may be present in the Ntfrs_Preexisting folder.

Scenario 3

The Policies and Scripts folders are present. However, they are empty.

↑ Back to the top


Resolution

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall the operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.
To resolve this problem, verify the following path for the Policies and Scripts folder:
%Windows%Sysvol\Sysvol\Domain Name
Follow the steps, depending on the cause.

Resolution 1

  1. If it is a single domain controller setup, create the Policies and Scripts folders manually.
  2. Start Registry Editor. Locate to the following subkey:
    HKLM\SYSTEM\CurrentControlSet\Services\Ntfrs\Parameters\Backup/Restore\Process at Startup
  3. Set the value of the BurFlags registry entry to D4.

    Note Before you change the registry, see the "More Information" section.
  4. Restart the Ntfrs service, and then wait until the Sysvol and the Netlogon folders are shared.
  5. Run the Dcgpofix command prompt utility.

    Note After you run this tool, all the default policies are implemented. The custom policies are not implemented.

    For more information about Dcgpofix utility, visit the following Microsoft TechNet Web site:

Resolution 2

  1. Copy the contents from Ntfrs_Preexisting folder to the %Windows%Sysvol\Sysvol\Domain Name folder.
  2. Start Registry Editor. Locate to the following subkey:
    HKLM\SYSTEM\CurrentControlSet\Services\Ntfrs\Parameters\Backup/Restore\Process at Startup
    .
  3. Set the value of the BurFlags registry entry to D4.

    Note Before you change the registry, see the "More Information" section.
  4. Restart the Ntfrs service, and then wait until the Sysvol and the Netlogon folders are shared.

Resolution 3

For both single domain controller setup and multiple domain controller environments, restore the Policies and Scripts folders from a valid backup.

↑ Back to the top


More information

For more information about how to rebuild Sysvol tree, click the following article number to view the article in the Microsoft Knowledge Base:
315457 How to rebuild the SYSVOL tree and its content in a domain

You must be careful when you reinitialize the File Replication Service (FRS) database by setting the value to D4 or D2. If Distributed File System (DFS) is configured in the network, the reinitializing of the database will differ, depending on the replica sets.
For more information about BurFlag registry key, click the following article number to view the article in the Microsoft Knowledge Base:
290762 Using the BurFlags registry key to reinitialize File Replication Service replica sets

↑ Back to the top


Keywords: KB958804, kbprb, kbtshoot

↑ Back to the top

Article Info
Article ID : 958804
Revision : 1
Created on : 11/11/2008
Published on : 11/11/2008
Exists online : False
Views : 441