AD DS: The AD DS service must be running on this domain controller

  • Article

Updated: August 31, 2012

Applies To: Windows Server 2008 R2, Windows Server 2012

This topic is intended to address a specific issue identified by a Best Practices Analyzer scan. You should apply the information in this topic only to computers that have had the Active Directory Domain Services Best Practices Analyzer run against them and are experiencing the issue addressed by this topic. For more information about best practices and scans, see Best Practices Analyzer (https://go.microsoft.com/fwlink/?LinkId=122786).

Operating System

Windows Server 2008 R2

Windows Server 2012

Product/Feature

Active Directory Domain Services (AD DS)

Severity

Error

Category

Configuration

Issue

The Active Directory Domain Services (AD DS) service is stopped on this domain controller.

Impact

The Active Directory Domain Services Best Practices Analyzer (AD DS BPA) that is running on this domain controller cannot collect configuration data from the Active Directory environment that this domain controller belongs to.

Resolution

Make sure that the AD DS service is running on this domain controller.

In Windows Server 2008 and Windows Server 2008 R2, you can stop or start AD DS, just like you stop other services that are running locally on the server. A domain controller running Windows Server 2008 or Windows Server 2008 R2 displays AD DS in the Services node of the Computer Management snap-in so that you can easily stop and restart AD DS. The AD DS service must be running on your domain controller so that the AD DS BPA can collect configuration data from the Active Directory environment to which this domain controller belongs.

Use the following procedure to query whether AD DS is running or stopped on your domain controller. You can use this procedure to query the local domain controller or a remote domain controller.

Membership in the Built-in Administrators group on the computer where you run the command, or equivalent, is the minimum required to complete these procedures. Review details about using the appropriate accounts and group memberships at Local and Domain Default Groups (https://go.microsoft.com/fwlink/?LinkId=83477).

To query whether AD DS is running or stopped on a domain controller

  1. Click Start, right-click Command Prompt, and then click Run as administrator.

  2. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.

  3. To query whether AD DS is running on the local domain controller, type the following command, and then press ENTER:

    sc query ntds

    To query whether AD DS is running on a remote computer, type the following command, and then press ENTER:

    sc \\<hostname> query ntds

    where <hostname> is the name of the computer that you want to query.

Use the following procedure to restart AD DS.

To restart AD DS

  1. Click Start, click Administrative Tools, and then click Computer Management.

Note

Computer Management is also available under Administrative Tools as part of Remote Server Administration Tools (RSAT), which you can install on computers from which you remotely manage your Active Directory domain controllers. To download and install RSAT, see Remote Server Administration Tools for Windows 7 (https://go.microsoft.com/fwlink/?LinkID=130862).

  1. Double-click Services and Applications, and then click Services.

  2. Right-click Active Directory Domain Services, and then click Start.

    Dependent services start before AD DS starts.

Note

If you right-click Active Directory Domain Services and then click Properties, you see a list of the services that depend on AD DS to function and another list of services that AD DS depends on to function. All dependent services also stop when AD DS is stopped.

Additional references