????????????????????????????????????????????????????????????
????????????????????? "The Active Directory Domain Services is Currently Unavailable" ???????????? error ????????????????????????????????? Windows ?????????????????????????????????????????????????????????????????? ????????????????????? network resources ????????????????????? printer ????????????????????????????????????????????? network ????????? Active Directory Domain Services (AD DS) ??????????????????????????????????????? Windows Server ??????????????????????????? authentication, authorization ????????? directory services ????????????????????????
??????????????? AD DS ?????????????????????????????????????????? ????????????????????????????????????????????? ???????????????????????????????????????????????????????????????????????? network printer, ???????????????????????????????????????????????? shared folders, ????????????????????????????????? domain ??????????????????, Group Policy ????????????????????????, ??????????????????????????????????????????????????? AD authentication ????????????????????? ????????????????????????????????????????????????????????????????????????????????????????????? join domain ?????????????????????????????? standalone ?????????????????? printer sharing
??????????????????????????????????????????
??????????????????????????????????????? error ?????????
# === Diagnostic Commands ===
# 1. Check Print Spooler Service
Get-Service -Name Spooler | Select-Object Name, Status, StartType
# If stopped, start it
Start-Service -Name Spooler
Set-Service -Name Spooler -StartupType Automatic
# 2. Check DNS Resolution
nslookup your-domain-controller.company.local
Resolve-DnsName -Name your-domain-controller.company.local
# 3. Check Network Connectivity
Test-NetConnection -ComputerName domain-controller -Port 389
Test-NetConnection -ComputerName domain-controller -Port 636
Test-NetConnection -ComputerName domain-controller -Port 88
# 4. Check AD Services
# On Domain Controller:
Get-Service -Name NTDS, DNS, Netlogon, KDC | Select-Object Name, Status
# 5. Check Domain Trust
Test-ComputerSecureChannel -Verbose
# 6. Check Printer Connectivity
Get-Printer | Select-Object Name, PortName, DriverName, PrinterStatus
# 7. Check Event Logs for errors
Get-WinEvent -LogName System -MaxEvents 20 |
Where-Object { $_.LevelDisplayName -eq "Error" } |
Select-Object TimeCreated, Message |
Format-List
# 8. Common Causes Summary
$causes = @{
"Print Spooler stopped" = "Service ???????????????????????????"
"DNS misconfiguration" = "DNS ??????????????????????????? resolve domain controller"
"Network disconnected" = "????????????????????????????????????????????? network"
"Firewall blocking" = "Firewall ??????????????? ports 389,636,88"
"Computer account expired" = "Computer account ?????? AD ?????????????????????"
"Time sync issue" = "?????????????????????????????????????????????????????? DC ???????????? 5 ????????????"
"Printer driver corrupt" = "Driver printer ?????????????????????"
"Credential cache expired" = "Cached credentials ?????????????????????"
}
foreach ($cause in $causes.GetEnumerator()) {
Write-Host " $($cause.Key): $($cause.Value)"
}??????????????????????????????????????? Command Line
???????????????????????????????????? PowerShell ????????? CMD
# === Fix Active Directory Domain Services Unavailable ===
# Fix 1: Restart Print Spooler (?????????????????? 60% ?????????????????????)
Stop-Service -Name Spooler -Force
Start-Sleep -Seconds 3
Start-Service -Name Spooler
Get-Service -Name Spooler
# Fix 2: Clear Print Queue
Stop-Service -Name Spooler -Force
Remove-Item -Path "C:\Windows\System32\spool\PRINTERS\*" -Force
Start-Service -Name Spooler
Write-Host "Print queue cleared"
# Fix 3: Re-register DLL files
# Run as Administrator
regsvr32 /s wsdapi.dll
regsvr32 /s wsdprovider.dll
# Fix 4: Reset Winsock and TCP/IP
netsh winsock reset
netsh int ip reset
ipconfig /flushdns
ipconfig /registerdns
# Fix 5: Rejoin Domain (if computer account is broken)
# Run on client machine as local admin
# Step 1: Remove from domain
# Remove-Computer -UnjoinDomainCredential (Get-Credential) -Force -Restart
# Step 2: After restart, rejoin domain
# Add-Computer -DomainName "company.local" -Credential (Get-Credential) -Restart
# Fix 6: Reset Computer Account Password
# On Domain Controller:
# Reset-ComputerMachinePassword -Server "DC01" -Credential (Get-Credential)
# Fix 7: Fix Printer Port
$printerName = "HP LaserJet Pro"
$printerIP = "192.168.1.100"
# Remove and re-add printer port
Remove-PrinterPort -Name "IP_$printerIP" -ErrorAction SilentlyContinue
Add-PrinterPort -Name "IP_$printerIP" -PrinterHostAddress $printerIP
Set-Printer -Name $printerName -PortName "IP_$printerIP"
# Fix 8: Time Sync (Kerberos requires <5min difference)
w32tm /resync /force
w32tm /query /status
# Fix 9: Group Policy Update
gpupdate /force
Write-Host "All fixes applied. Test printing now."??????????????????????????? Windows Settings
????????????????????????????????? GUI
# === GUI-Based Fixes (Step-by-Step) ===
cat > fix_guide.yaml << 'EOF'
gui_fixes:
fix_1_printer_troubleshooter:
steps:
- "Settings ??? System ??? Troubleshoot ??? Other troubleshooters"
- "Click 'Run' next to Printer"
- "Follow the wizard to detect and fix issues"
success_rate: "40%"
fix_2_add_printer_manually:
steps:
- "Settings ??? Bluetooth & devices ??? Printers & scanners"
- "Click 'Add device'"
- "If not found, click 'Add manually'"
- "Select 'Add a printer using TCP/IP address'"
- "Enter printer IP address"
- "Select correct driver"
success_rate: "70%"
fix_3_services:
steps:
- "Press Win+R, type services.msc"
- "Find 'Print Spooler'"
- "Right-click ??? Restart"
- "Also check these services are running:"
- " - DNS Client"
- " - DHCP Client"
- " - TCP/IP NetBIOS Helper"
- " - Workstation"
- " - Server (if sharing printer)"
success_rate: "60%"
fix_4_registry:
warning: "Backup registry first!"
steps:
- "Press Win+R, type regedit"
- "Navigate to HKEY_CURRENT_USER\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Windows"
- "Find 'Device' value"
- "Set it to your default printer name"
- "Example: HP LaserJet Pro,winspool,IP_192.168.1.100"
- "Restart Print Spooler service"
success_rate: "50%"
fix_5_firewall:
steps:
- "Control Panel ??? Windows Defender Firewall"
- "Click 'Allow an app through firewall'"
- "Check 'File and Printer Sharing' for both Private and Public"
- "Also check 'Network Discovery'"
success_rate: "30%"
fix_6_update_driver:
steps:
- "Device Manager ??? Print queues"
- "Right-click printer ??? Update driver"
- "Search automatically or browse to downloaded driver"
- "Or download latest driver from manufacturer website"
success_rate: "50%"
EOF
python3 -c "
import yaml
with open('fix_guide.yaml') as f:
data = yaml.safe_load(f)
print('GUI Fixes (ordered by success rate):')
fixes = sorted(data['gui_fixes'].items(), key=lambda x: x[1].get('success_rate', '0%'), reverse=True)
for name, info in fixes:
print(f' {name}: {info[\"success_rate\"]} success')
print(f' Step 1: {info[\"steps\"][0]}')
"
echo "Fix guide created"??????????????? Script ????????????????????????????????????????????????
PowerShell script ?????????????????? diagnose ????????? fix ???????????????????????????
# === Automated Diagnostic & Fix Script ===
# Save as Fix-ADPrinter.ps1 ??? Run as Administrator
#Requires -RunAsAdministrator
$ErrorActionPreference = "SilentlyContinue"
$issues = @()
$fixes = @()
Write-Host "=== AD Domain Services Printer Diagnostic ===" -ForegroundColor Cyan
# 1. Check Print Spooler
Write-Host "`n[1/7] Checking Print Spooler..." -ForegroundColor Yellow
$spooler = Get-Service -Name Spooler
if ($spooler.Status -ne "Running") {
$issues += "Print Spooler is $($spooler.Status)"
Start-Service -Name Spooler
Set-Service -Name Spooler -StartupType Automatic
$fixes += "Started Print Spooler service"
} else {
Write-Host " OK: Print Spooler is running" -ForegroundColor Green
}
# 2. Check DNS
Write-Host "[2/7] Checking DNS..." -ForegroundColor Yellow
$dns = Resolve-DnsName -Name (Get-WmiObject Win32_ComputerSystem).Domain 2>$null
if (-not $dns) {
$issues += "DNS resolution failed for domain"
ipconfig /flushdns | Out-Null
ipconfig /registerdns | Out-Null
$fixes += "Flushed and re-registered DNS"
} else {
Write-Host " OK: DNS resolving" -ForegroundColor Green
}
# 3. Check Network
Write-Host "[3/7] Checking Network..." -ForegroundColor Yellow
$network = Test-NetConnection -ComputerName (Get-WmiObject Win32_ComputerSystem).Domain -Port 389 -WarningAction SilentlyContinue
if (-not $network.TcpTestSucceeded) {
$issues += "Cannot reach Domain Controller on port 389 (LDAP)"
} else {
Write-Host " OK: DC reachable on LDAP port" -ForegroundColor Green
}
# 4. Check Time Sync
Write-Host "[4/7] Checking Time Sync..." -ForegroundColor Yellow
$timeStatus = w32tm /query /status 2>$null
w32tm /resync /force 2>$null | Out-Null
$fixes += "Resynced time"
Write-Host " OK: Time resynced" -ForegroundColor Green
# 5. Check Printers
Write-Host "[5/7] Checking Printers..." -ForegroundColor Yellow
$printers = Get-Printer
Write-Host " Found $($printers.Count) printer(s)" -ForegroundColor Green
foreach ($p in $printers) {
$status = if ($p.PrinterStatus -eq "Normal") { "OK" } else { $p.PrinterStatus }
Write-Host " $($p.Name): $status"
}
# 6. Check Secure Channel
Write-Host "[6/7] Checking Domain Trust..." -ForegroundColor Yellow
$trust = Test-ComputerSecureChannel 2>$null
if ($trust -eq $false) {
$issues += "Domain trust relationship broken"
Write-Host " FAILED: Trust broken. May need to rejoin domain." -ForegroundColor Red
} else {
Write-Host " OK: Domain trust intact" -ForegroundColor Green
}
# 7. Check Required Services
Write-Host "[7/7] Checking Required Services..." -ForegroundColor Yellow
$requiredServices = @("Spooler", "Dnscache", "Dhcp", "LanmanWorkstation")
foreach ($svc in $requiredServices) {
$s = Get-Service -Name $svc 2>$null
if ($s -and $s.Status -ne "Running") {
Start-Service -Name $svc
$fixes += "Started service: $svc"
}
}
Write-Host " OK: All required services checked" -ForegroundColor Green
# Summary
Write-Host "`n=== Summary ===" -ForegroundColor Cyan
if ($issues.Count -eq 0) {
Write-Host "No issues found. Try restarting the application." -ForegroundColor Green
} else {
Write-Host "Issues found: $($issues.Count)" -ForegroundColor Red
foreach ($i in $issues) { Write-Host " - $i" -ForegroundColor Red }
}
if ($fixes.Count -gt 0) {
Write-Host "Fixes applied: $($fixes.Count)" -ForegroundColor Yellow
foreach ($f in $fixes) { Write-Host " - $f" -ForegroundColor Yellow }
}
Write-Host "`nDone. Please test printing again." -ForegroundColor Cyan?????????????????????????????????????????????????????????
???????????????????????????????????????
# === Prevention Best Practices ===
cat > prevention.json << 'EOF'
{
"prevention_checklist": {
"monitoring": {
"description": "???????????????????????? monitoring ?????????????????? AD ????????? Print Services",
"tools": ["Windows Event Log", "PRTG", "Nagios", "Zabbix"],
"alerts": [
"Print Spooler service stopped",
"Domain Controller unreachable",
"Replication failures",
"Time sync drift > 2 minutes"
]
},
"maintenance": {
"weekly": [
"????????????????????? Event Log ?????????????????? errors",
"Verify Print Spooler running on all servers",
"Check AD replication status"
],
"monthly": [
"Update printer drivers",
"Review and clean print queues",
"Test computer secure channel",
"Verify DNS records are correct"
],
"quarterly": [
"Full AD health check (dcdiag)",
"Review Group Policy for printer deployment",
"Test disaster recovery procedures",
"Update documentation"
]
},
"group_policy": {
"description": "????????? GPO deploy printers ????????? manual install",
"benefits": [
"Consistent printer setup across organization",
"Automatic driver updates",
"Centralized management",
"Easy troubleshooting"
],
"gpo_path": "Computer Config > Policies > Windows Settings > Deployed Printers"
},
"redundancy": {
"print_server": "???????????? backup print server (failover cluster)",
"domain_controller": "?????? DC ??????????????????????????? 2 ?????????????????? site",
"dns": "???????????? secondary DNS server",
"driver_repository": "???????????? driver ?????????????????? network share ?????????????????? emergency"
}
}
}
EOF
python3 -c "
import json
with open('prevention.json') as f:
data = json.load(f)
checklist = data['prevention_checklist']
print('Prevention Checklist:')
for area, info in checklist.items():
if isinstance(info, dict):
print(f'\n {area}: {info.get(\"description\", \"\")}')
if 'weekly' in info:
print(f' Weekly: {len(info[\"weekly\"])} tasks')
print(f' Monthly: {len(info[\"monthly\"])} tasks')
"
echo "Prevention guide complete"FAQ ??????????????????????????????????????????
Q: Error ?????????????????????????????????????????????????????????????????? join domain ??????????
A: ????????? ??????????????????????????????????????????????????????????????? join domain ?????????????????????????????? standalone ??????????????????????????????????????? join domain ?????????????????????????????? DC ??????????????????????????????????????????, trust relationship ????????????, DNS ????????????????????? ??????????????????????????????????????? standalone ?????????????????????????????? Print Spooler ???????????????????????????, printer driver ?????????????????????, network printer ?????????????????????????????????????????????????????????, Windows printer sharing ????????????????????? ?????????????????????????????????????????? ????????????????????? domain ???????????? check AD connectivity ???????????? ????????????????????? standalone ???????????????????????? restart Print Spooler ????????? check network connectivity
Q: Trust relationship broken ???????????????????????????????
A: Trust relationship broken ????????????????????? computer account password ?????? AD ???????????????????????????????????????????????? client ??????????????????????????????????????????????????? ????????? PowerShell Reset-ComputerMachinePassword -Server "DC01" -Credential (Get-Credential) ????????? as local admin ??????????????????????????? unjoin domain ???????????? rejoin Remove-Computer ????????????????????? Add-Computer -DomainName "company.local" ???????????? restart ???????????? 2 ??????????????? ????????? login ???????????? domain account ?????????????????? ????????? login ???????????? local admin account ???????????? (.\administrator) ????????????????????????????????? ????????????????????? ???????????? scheduled task ??????????????? Test-ComputerSecureChannel ??????????????????
Q: ??????????????????????????????????????????????????????????????? ????????????????????????????
A: ?????????????????? AD error ?????????????????????????????????????????????????????? ????????????????????????????????????????????? ?????? printer ???????????? add ???????????? (Remove-Printer, Add-Printer), ?????? driver ????????????????????????????????????????????????????????? (????????? Device Manager), ???????????? printer IP address ????????????????????? (ping ???????????????), ???????????? firewall ???????????????????????? port 9100 (raw printing) ???????????? 631 (IPP), ????????? print test page ????????? Printer Properties, ???????????? printer queue ??????????????? stuck jobs (clear queue), ?????????????????? Windows ??????????????????????????? (????????? KB fix printer bugs), ????????????????????? USB printer ?????????????????????????????? USB port ?????????????????????
Q: ???????????????????????????????????????????????????????????????????????????????
A: ???????????????????????????????????????????????????????????? ???????????? ???????????? Print Spooler ???????????? Automatic (Delayed Start), ???????????? monitoring alert ??????????????? Print Spooler ????????????, ????????? GPO deploy printers (????????????????????? manual install), ?????? Domain Controller ??????????????????????????? 2 ????????? (redundancy), ???????????? NTP sync ?????????????????????????????? (????????????????????????????????? 5 ????????????), DNS ???????????? point ?????? DC ?????????????????????????????? (?????????????????? public DNS), Regular maintenance ?????? dcdiag ?????????????????????????????? AD ????????????????????????, ?????????????????? printer drivers ???????????????????????????????????????????????????????????????
Q: dcdiag ????????????????????? ???????????????????????????????
A: dcdiag ???????????? command line tool ???????????????????????????????????????????????? Domain Controller ??????????????? DC ???????????????????????? ?????????????????? dcdiag /v (verbose) ??????????????????????????? test, dcdiag /test:dns ??????????????? DNS, dcdiag /test:replications ??????????????? AD replication, dcdiag /a ???????????????????????? DC ?????? site ???????????????????????????????????? passed test ????????? item ????????? failed ?????????????????????????????? test ????????? fail ?????????????????? printer issue ??????????????? DNS test ????????? connectivity test ???????????????????????? repadmin /showrepl ??????????????? replication status ???????????????????????????
