RE: W2K Time service issues

xylog Wed, 26 Sep 2001 07:39:15 -0700
Try synch'ing the time up on all DC's.:

Net time \\pdc /s /y

This should eliminate the error. Reason being is that kerberos will not
authenticate a machine that has time synch off by some value I forget
the exact amount but I think it on the order of a few seconds if not
less. This is why Win2k has a time service built in. You need to
configure it though, try this:

net stop time
w32tm -once -v

this will show you a single time synch as it progresses. You probably
want to synch your PDC with an internet time server like this:

net time /setsntp:ntp2.usno.navy.mil

and synch the other DC's and client stations with you PDC.

Hope this helps.

xylog

-----Original Message-----
From: Schaub, Chris [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, September 26, 2001 7:49 AM
To: NT System Admin Issues
Subject: W2K Time service issues

Starting about a month ago we started to receive the following errors on
DC's throughout our enterprise:

1st error

Event Type:     Warning
Event Source:   w32time
Event Category: None
Event ID:       56
Date:           9/25/2001
Time:           8:20:16 AM
User:           N/A
Computer:       ServerY
Description:
The Domain Controller Server X in tld.domain.com returned an incorrectly
signed time stamp. If this DC is from the machine's parent domain then
the
trust link between the domains may be broken and must be fixed. If the
DC is
from this machine's own domain, then the machine password for this
machine
is incorrect and should be corrected. 
Data:
0000: e5 03 00 00               �...  

2nd error

Event Type:     Warning
Event Source:   w32time
Event Category: None
Event ID:       11
Date:           9/25/2001
Time:           8:20:21 AM
User:           N/A
Computer:       ServerY
Description:
The NTP server \\Serverx.tld.domain.com didn't respond 
Data:
0000: 00 00 00 00               ....    

We see this problem when a lower level server
(Servery.2ld.tld.domain.com)
tries to sync off of the server (serverx.tld.domain.com).  So basically
the
child domain DC is trying to sync with a parent level DC and getting
these
errors.  NTP on the parent level domain controller seems to be working
for
manual calls for other clients.  Also the trust between the two domains
seems to be intact.  And it is happening on multiple servers in both
domains.  Also this did use to work before a month ago.  If anyone has
some
insight.

Thanks,

Chris

Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/



Want to unsub? Do that here:
http://www.w2knews.com/rd/rd.cfm?id=unsub
Need a good FAQ? Try this one first:
http://www.ultratech-llc.com/KB/
RE: W2K Time service issues

Reply via email to
