Hi Thanks for the clues.
I've attached a DC Diag with all the working parts cut out. If that helps.
Starting test: NetLogons
* Network Logons Privileges Check
Unable to connect to the NETLOGON share! (\\SERV1\netlogon)
[SERV1] An net use or LsaPolicy operation failed with error 53, The network path was not found..
......................... SERV1 failed test NetLogons
Starting test: frsevent
* The File Replication Service Event log test
There are warning or error events within the last 24 hours after the
SYSVOL has been shared. Failing SYSVOL replication problems may cause
Group Policy problems.
An Warning Event occured. EventID: 0x800034FE
Time Generated: 08/03/2006 13:43:22
(Event String could not be retrieved)
An Warning Event occured. EventID: 0x800034C4
Time Generated: 08/03/2006 13:53:57
(Event String could not be retrieved)
......................... SERV1 failed test frsevent
Starting test: systemlog
* The System Event log test
An Error Event occured. EventID: 0x825A0011
Time Generated: 08/03/2006 15:29:02
Event String: Time Provider NtpClient: An error occurred during
DNS lookup of the manually configured peer
'time.windows.com,0x1'. NtpClient will try the
DNS lookup again in 120 minutes. The error was:
No such service is known. The service cannot be found in the specified name space. (0x8007277C)
Starting test: CheckSecurityError
* Dr Auth: Beginning security errors check!
No KDC found for domain BUS1.local in site Default-First-Site-Name (1355, NULL)
[SERV1] Unable to contact a KDC for the destination domain in it's own site. This means either there are no available KDC's for this domain in the site, *including* the destination DC itself, or we're having network or packet fragmentation issues connecting to it. We'll check packet fragmentation connection to the destination DC, make recommendations, and continue.
Checking UDP fragmentation issues to SERV1.
Warning: The maximum non-fragmentable UDP transfer unit is 1472.
This isn't a sufficient size for operation if any DC's in the enterprise are Win2k SP3 or earlier.
Solution: Either install at least W2K SP4 or better, or configure the network to allow non-fragmented UDP packets of at least 2008 bytes.
No KDC found for domain BUS1.local in site (ALL SITES) (1355, NULL)
[SERV1] Unable to contact a KDC for the destination domain. If no KDC for the destination domain is available, replication will be blocked!
If there is some KDC for that domain available, check network connectivity issues or see possible packet fragmentation issues above.
Checking machine account for DC SERV1 on DC SERV1.
* SPN found :LDAP/serv1.BUS1.local/BUS1.local
* SPN found :LDAP/serv1.BUS1.local
* SPN found :LDAP/SERV1
* SPN found :LDAP/serv1.BUS1.local/BUS1
* SPN found :LDAP/3132fbf3-56ea-4f5e-bc59-4bbcf164b254._msdcs.BUS1.local
* SPN found :E3514235-4B06-11D1-AB04-00C04FC2DCD2/3132fbf3-56ea-4f5e-bc59-4bbcf164b254/BUS1.local
* SPN found :HOST/serv1.BUS1.local/BUS1.local
* SPN found :HOST/serv1.BUS1.local
* SPN found :HOST/SERV1
* SPN found :HOST/serv1.BUS1.local/BUS1
* SPN found :GC/serv1.BUS1.local/BUS1.local
[SERV1] No security related replication errors were found on this DC! To target the connection to a specific source DC use /ReplSource:<DC>.
......................... SERV1 passed test CheckSecurityError
Starting test: FsmoCheck
Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 5
A Global Catalog Server could not be located - All GC's are down.
Warning: DcGetDcName(PDC_REQUIRED) call failed, error 5
A Primary Domain Controller could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(TIME_SERVER) call failed, error 5
A Time Server could not be located.
The server holding the PDC role is down.
Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error 5
A Good Time Server could not be located.
Warning: DcGetDcName(KDC_REQUIRED) call failed, error 5
A KDC could not be located - All the KDCs are down.
......................... BUS1.local failed test FsmoCheck
Starting test: DNS
Test results for domain controllers:
DC: serv1.BUS1.local
Domain: BUS1.local
TEST: Authentication (Auth)
Authentication test: Successfully completed
TEST: Basic (Basc)
Microsoft(R) Windows(R) Server 2003 for Small Business Server (Service Pack level: 1.0) is supported
NETLOGON service is running
kdc service is running
DNSCACHE service is running
DNS service is running
DC is a DNS server
Network adapters information:
Adapter [00000009] IBM Netfinity Fault Tolerance PCI Adapter:
MAC address is 00:06:29:38

6:15
IP address is static
IP address: 10.0.0.1
DNS servers:
10.0.0.1 (serv1.BUS1.local.) [Valid]
Warning: 10.0.0.2 (<name unavailable>) [Invalid (unreachable)]
The A record for this DC was found
The SOA record for the Active Directory zone was found
The Active Directory zone on this DC/DNS server was found (primary)
Root zone on this DC/DNS server was not found
TEST: Delegations (Del)
Delegation information for the zone: BUS1.local.
Delegated domain name: _msdcs.BUS1.local.
DNS server: serv1.BUS1.local. IP:10.0.0.1 [Valid]
TEST: Dynamic update (Dyn)
Dynamic update is enabled on the zone BUS1.local.
Test record _dcdiag_test_record added successfully in zone BUS1.local.
Test record _dcdiag_test_record deleted successfully in zone BUS1.local.
TEST: Records registration (RReg)
Network Adapter [00000009] IBM Netfinity Fault Tolerance PCI Adapter:
Matching A record found at DNS server 10.0.0.1:
serv1.BUS1.local
Matching CNAME record found at DNS server 10.0.0.1:
3132fbf3-56ea-4f5e-bc59-4bbcf164b254._msdcs.BUS1.local
Matching DC SRV record found at DNS server 10.0.0.1:
_ldap._tcp.dc._msdcs.BUS1.local
Matching GC SRV record found at DNS server 10.0.0.1:
_ldap._tcp.gc._msdcs.BUS1.local
Matching PDC SRV record found at DNS server 10.0.0.1:
_ldap._tcp.pdc._msdcs.BUS1.local
Summary of test results for DNS servers used by the above domain controllers: