Solved

"there is a time difference between client and server"

Posted on 2003-11-26
21
8,820 Views
Last Modified: 2012-06-22
"there is a time difference between client and server"

I recieve this error message when trying to logon to domain from all clients!
I have set the w32time service. I believe its working as I get event logs stating time is within <.5sec
The only way I can get users logged on is to restart the Dc. (I have only one dc on a small network)
Users can then logon but after a time (hours) all users can not logon after logging out.

I recieve no error message on the server.

Any help appreciated
0
Comment
Question by:rbauckham
  • 9
  • 7
  • 3
  • +1
21 Comments
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9827430
Use this line in the login script:

Net time /setnstp:<servername>

and see if it helps.

LucF
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9827439
0
 

Author Comment

by:rbauckham
ID: 9827453
afraid not. I have set this from the local admin of client. (as I can not logon)
The error appears as soon as you press enter on logon screen. and will not proceed past logon screen

RCB
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9827474
Try loggin on by rebooting the server or whatever you have to do, and then use my first comment, it should make sure your computertime is always up to date.

Also try replacing the battery on the servers motherboard, it might be dead or almost.
0
 

Author Comment

by:rbauckham
ID: 9827571
Ok I'll give it ago.  But shouldn't it set itself to the dc automatically?
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9827613
>But shouldn't it set itself to the dc automatically?
No.. too bad...
0
 
LVL 41

Expert Comment

by:graye
ID: 9828624
If it's happening to all clients, then it certaily looks like the time is off on the Domain Controller (not the client PCs).  I'd reboot the Domain Controller... catch the BIOS setup... change the date/time... and let 'er reboot.

Kerberos wants no more than a 5 minute variation in time.

I'll bet you can still log into any local account (since all local acounts are in the SAM registry database) and don't use Kerberos.
0
 

Author Comment

by:rbauckham
ID: 9830962
This has been done and the clocks (client and server) are set the same.

Is there a setting for the kerberos discretion any where?

why would the server suddenly stop clients logging on? why does a reboot make a difference?
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9831148
0
 

Author Comment

by:rbauckham
ID: 9831255
Stoner79

This issue is exactly the one I am getting.
I also have a terminal services software that home users connect to and recieve this error. Although as I am having the same issue on local clients it would appear that this is just a coincidence.
Would it be possible to contact the user who posted the original error to see if he found a solution?

Thanks
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 32

Expert Comment

by:Luc Franken
ID: 9831460
Can you try replacing the battery on your server? I think it's worth a shot...
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9832054
You could try.  I only stumbled across it searching on google, I'm not a member of the site.  Why don't you email him and explain the situation and see if he helps. If so, it would be worth putting what he has to say on here.
0
 
LVL 41

Expert Comment

by:graye
ID: 9832670
The setting for the "Time skew" is in the Default Domain Security policy (under Account Policies)
0
 

Author Comment

by:rbauckham
ID: 9833581
thanks
After a restart everthing worked for 4 hours fine then for no apparent reason the next user to log on recieves the time difference message and thats it I have to restart.
I am running out of options. I am going to restore a backup on different hardware to see if the problems remains. But four hours is a lenghty test period for any alterations made!

Does anyone know what options I have for reinstalling 2k again over the top of my curent config. (Win2k DC, exchange 2k) If I can not fix this how would you guys go about transferring Exchange 2k to another server etc? Quickest and simplest please.

Thanks again
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9833614
I think you should first try the System File Checker as I didn't have very good experiences with "repair" installations...
Start => Run => type "SFC /scannow" (without the quotes) and press enter (keep your windows cd nearby)

But still, have you at least tried replacing the battery....
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9833629
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9833687
Or here => http://www.eecis.udel.edu/~mills/ntp/clock1a.html
http://www.eecis.udel.edu/~mills/ntp/clock2a.html

You can use these to make sure your servers time is the same as the atomic clock by using:

Net time /setsntp:<servername> or
Net time /setsntp:<IP-adres of timeserver>

LucF
0
 

Author Comment

by:rbauckham
ID: 9833719
thanks
To change the battery on my server means a new motherboard. compaq ML 350. So I was going to restore on new hardware. this will kind of test this theory.
I have set the server to various time servers and set it to be its own. I have then set the clients to point to my DC's ipaddress as they should do anyway. Still no joy. Why would it work for 4 hours then give up the ghost with no other error than the one at attempted logon.

thanks again

RB
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 9833805
>>To change the battery on my server means a new motherboard. compaq ML 350.
I don't know about this motherboard you have, but changing your motherboard should be out of the question, some motherboards do have the battery soldered on the motherboard, but if you're handy you should be able to remove the original battery and connect another one to the connectors on the motherboard or have your supplier replace it. (normally it's a 3 volt battery so two AA batteries connected should be able to do this job also (just be carefull soldering these connections to your motherboard (assuming you know how to do this)))
0
 
LVL 41

Accepted Solution

by:
graye earned 500 total points
ID: 9834942
Have you thought about changing the Kerberos Skew Time to something outragously large... just to keep things going while you're hunting for the real problem?
0
 

Author Comment

by:rbauckham
ID: 9897125
This did the job . hope there's no repercussions!
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What does UTC stand for?  “Coordinated Universal Time” – Think of this as the true time on Planet Earth that never changes with the exception of minor leap seconds here and there to account for the changes in the planet's rotation.   What does th…
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

943 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

5 Experts available now in Live!

Get 1:1 Help Now