I'll plug my own article on this topic. :) http://theessentialexchange.com/blogs/michael/archive/2010/01/29/a-brief-history-of-time-ok-ok-let-s-go-with-quot-an-introduction-to-the-windows-time-service-quot.aspx
From: [email protected] [mailto:[email protected]] On Behalf Of Randal, Phil Sent: Tuesday, February 18, 2014 10:50 AM To: [email protected] Subject: RE: [NTSysADM] time not syncing Manually configure that DC? Oh no, it's easier than that, it can be done with a Group Policy and a WMI query: http://blogs.technet.com/b/nepapfe/archive/2013/03/01/it-s-simple-time-configuration-in-active-directory.aspx Cheers, Phil -- Phil Randal Infrastructure Engineer Hoople Ltd | Thorn Office Centre | Hereford HR2 6JT Tel: 01432 260415 | Email: [email protected]<mailto:[email protected]> From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Ken Cornetet Sent: 18 February 2014 13:50 To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] time not syncing Yes, member computers and non-PDC DCs in a domain sync to the PDC emulator for the domain. PDCs in child domains sync to the PDC emulator in the forest root domain. You should manually configure that DC to sync to an external source. This probably works great in modern times, but back in the server 2000 days, this was a bit brittle - the slightest disturbance in the force could cause time sync to go haywire. That's why I installed the Meinberg NTP port on a couple of servers, configured them to talk to public NTP servers, and then configured all my PDC emulators to sync from them. This made for rock-solid time sync. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Ziots, Edward Sent: Tuesday, February 18, 2014 8:29 AM To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] time not syncing I believe in a domain that the members get time from the PDC Emulator and the PDC Emulator talks out to the NTP Servers on the internet. Way I remembered it a while ago when I did such things. Usually manually setting the list, is only done when systems aren't part of domain. Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan] From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of J- P Sent: Monday, February 17, 2014 12:41 PM To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] time not syncing it is, but now I'm questioning if the commas should be removed Jean-Paul Natola ________________________________ From: [email protected]<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Subject: RE: [NTSysADM] time not syncing Date: Mon, 17 Feb 2014 17:18:40 +0000 Is the PDC virtual? If it is, it could be pulling the time from the vm host. Is the vmhost set to the proper NTP server ("0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org") and not the PDC? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of J- P Sent: Monday, February 17, 2014 7:50 AM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] time not syncing Hi all, i have follows these instructions to the letter, and have confirmed the values exist and are accurate in the registry of the 2008r2 DC, it remains 10 minutes off All the computers, clients and servers, have the same time so its not causing any authentication issues (thankfully) but its annoying not be able to get the correct time 1. First, locate your PDC Server. Open the command prompt and type: C:\>netdom /query fsmo 2. Log in to your PDC Server and open the command prompt. 3. Stop the W32Time service: C:\>net stop w32time 4. Configure the external time sources, type: C:\> w32tm /config /syncfromflags:manual /manualpeerlist:"0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org" 5. Make your PDC a reliable time source for the clients. Type: C:\>w32tm /config /reliable:yes 6. Start the w32time service: C:\>net start w32time 7. The windows time service should begin synchronizing the time. You can check the external NTP servers in the time configuration by typing: C:\>w32tm /query /configuration when i run this command w32tm /stripchart /computer:0.pool.ntp.org /samples:5 /dataonly C:\>w32tm /stripchart /computer:0.pool.ntp.org /samples:5 /dataonly Tracking 0.pool.ntp.org [15.126.193.186:123]. Collecting 5 samples. The current time is 2/17/2014 10:55:41 AM. 10:55:41, -607.5560514s 10:55:43, -607.5602488s 10:55:45, -607.5647196s 10:55:47, -607.5687176s 10:55:49, -607.5880149s Hoople Ltd, Registered in England and Wales No. 7556595 Registered office: Plough Lane, Hereford, HR4 0LE "Any opinion expressed in this e-mail or any attached files are those of the individual and not necessarily those of Hoople Ltd. You should be aware that Hoople Ltd. monitors its email service. This e-mail and any attached files are confidential and intended solely for the use of the addressee. This communication may contain material protected by law from being passed on. If you are not the intended recipient and have received this e-mail in error, you are advised that any use, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. If you have received this e-mail in error please contact the sender immediately and destroy all copies of it."
<<inline: image001.jpg>>
