RE: [NTSysADM] time not syncing

[Randal, Phil]

Manually configure that DC?

Oh no, it's easier than that, it can be done with a Group Policy and a WMI 
query:

http://blogs.technet.com/b/nepapfe/archive/2013/03/01/it-s-simple-time-configuration-in-active-directory.aspx

Cheers,

Phil

--
Phil Randal
Infrastructure Engineer
Hoople Ltd | Thorn Office Centre | Hereford HR2 6JT
Tel: 01432 260415 | Email: 
phil.ran...@hoopleltd.co.uk<mailto:phil.ran...@hoopleltd.co.uk>

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Ken Cornetet
Sent: 18 February 2014 13:50
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] time not syncing

Yes, member computers and non-PDC DCs in a domain sync to the PDC emulator for 
the domain. PDCs in child domains sync to the PDC emulator in the forest root 
domain. You should manually configure that DC to sync to an external source.

This probably works great in modern times, but back in the server 2000 days, 
this was a bit brittle - the slightest disturbance in the force could cause 
time sync to go haywire. That's why I installed the Meinberg NTP port on a 
couple of servers, configured them to talk to public NTP servers, and then 
configured all my PDC emulators to sync from them. This made for rock-solid 
time sync.


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ziots, Edward
Sent: Tuesday, February 18, 2014 8:29 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] time not syncing

I believe in a domain that the members get time from the PDC Emulator and the 
PDC Emulator talks out to the NTP Servers on the internet. Way I remembered it 
a while ago when I did such things. Usually manually setting the list, is only 
done when systems aren't part of domain.

Z

Edward E. Ziots, CISSP, CISA, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org<mailto:ezi...@lifespan.org>
Work:401-255-2497


This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.
[Description: Description: Lifespan]


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of J- P
Sent: Monday, February 17, 2014 12:41 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] time not syncing

it is, but now I'm questioning if the commas should be removed


Jean-Paul Natola

________________________________
From: ji...@jt-solution.com<mailto:ji...@jt-solution.com>
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] time not syncing
Date: Mon, 17 Feb 2014 17:18:40 +0000
Is the PDC virtual?  If it is, it could be pulling the time from the vm host.  
Is the vmhost set to the proper NTP server 
("0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org")  and not the PDC?



From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of J- P
Sent: Monday, February 17, 2014 7:50 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] time not syncing

Hi all,

i have follows these instructions to the letter, and have confirmed the values 
exist and are accurate in the registry of the 2008r2 DC, it remains 10 minutes 
off

All the computers, clients and servers, have the same time so its not causing 
any authentication issues (thankfully) but its annoying not be able to get the 
correct time

  1.  First, locate your PDC Server. Open the command prompt and type: 
C:\>netdom /query fsmo
  2.  Log in to your PDC Server and open the command prompt.
  3.  Stop the W32Time service: C:\>net stop w32time
  4.  Configure the external time sources, type: C:\> w32tm /config 
/syncfromflags:manual 
/manualpeerlist:"0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org"
  5.  Make your PDC a reliable time source for the clients. Type: C:\>w32tm 
/config /reliable:yes
  6.  Start the w32time service: C:\>net start w32time
  7.  The windows time service should begin synchronizing the time. You can 
check the external NTP servers in the time configuration by typing: C:\>w32tm 
/query /configuration

when i run this command w32tm /stripchart /computer:0.pool.ntp.org /samples:5 
/dataonly

C:\>w32tm /stripchart /computer:0.pool.ntp.org /samples:5 /dataonly
Tracking 0.pool.ntp.org [15.126.193.186:123].
Collecting 5 samples.
The current time is 2/17/2014 10:55:41 AM.
10:55:41, -607.5560514s
10:55:43, -607.5602488s
10:55:45, -607.5647196s
10:55:47, -607.5687176s
10:55:49, -607.5880149s
Hoople Ltd, Registered in England and Wales No. 7556595
Registered office: Plough Lane, Hereford, HR4 0LE

"Any opinion expressed in this e-mail or any attached files are those of the 
individual and not necessarily those of Hoople Ltd. You should be aware that 
Hoople Ltd. monitors its email service. This e-mail and any attached files are 
confidential and intended solely for the use of the addressee. This 
communication may contain material protected by law from being passed on. If 
you are not the intended recipient and have received this e-mail in error, you 
are advised that any use, dissemination, forwarding, printing or copying of 
this e-mail is strictly prohibited. If you have received this e-mail in error 
please contact the sender immediately and destroy all copies of it."

<<inline: image001.jpg>>