Solved

"there is a time difference between client and server"

Posted on 2003-11-26
21
8,841 Views
Last Modified: 2012-06-22
"there is a time difference between client and server"

I recieve this error message when trying to logon to domain from all clients!
I have set the w32time service. I believe its working as I get event logs stating time is within <.5sec
The only way I can get users logged on is to restart the Dc. (I have only one dc on a small network)
Users can then logon but after a time (hours) all users can not logon after logging out.

I recieve no error message on the server.

Any help appreciated
0
Comment
Question by:rbauckham
  • 9
  • 7
  • 3
  • +1
21 Comments
 
LVL 32

Expert Comment

by:LucF
ID: 9827430
Use this line in the login script:

Net time /setnstp:<servername>

and see if it helps.

LucF
0
 
LVL 32

Expert Comment

by:LucF
ID: 9827439
0
 

Author Comment

by:rbauckham
ID: 9827453
afraid not. I have set this from the local admin of client. (as I can not logon)
The error appears as soon as you press enter on logon screen. and will not proceed past logon screen

RCB
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 32

Expert Comment

by:LucF
ID: 9827474
Try loggin on by rebooting the server or whatever you have to do, and then use my first comment, it should make sure your computertime is always up to date.

Also try replacing the battery on the servers motherboard, it might be dead or almost.
0
 

Author Comment

by:rbauckham
ID: 9827571
Ok I'll give it ago.  But shouldn't it set itself to the dc automatically?
0
 
LVL 32

Expert Comment

by:LucF
ID: 9827613
>But shouldn't it set itself to the dc automatically?
No.. too bad...
0
 
LVL 41

Expert Comment

by:graye
ID: 9828624
If it's happening to all clients, then it certaily looks like the time is off on the Domain Controller (not the client PCs).  I'd reboot the Domain Controller... catch the BIOS setup... change the date/time... and let 'er reboot.

Kerberos wants no more than a 5 minute variation in time.

I'll bet you can still log into any local account (since all local acounts are in the SAM registry database) and don't use Kerberos.
0
 

Author Comment

by:rbauckham
ID: 9830962
This has been done and the clocks (client and server) are set the same.

Is there a setting for the kerberos discretion any where?

why would the server suddenly stop clients logging on? why does a reboot make a difference?
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9831148
0
 

Author Comment

by:rbauckham
ID: 9831255
Stoner79

This issue is exactly the one I am getting.
I also have a terminal services software that home users connect to and recieve this error. Although as I am having the same issue on local clients it would appear that this is just a coincidence.
Would it be possible to contact the user who posted the original error to see if he found a solution?

Thanks
0
 
LVL 32

Expert Comment

by:LucF
ID: 9831460
Can you try replacing the battery on your server? I think it's worth a shot...
0
 
LVL 15

Expert Comment

by:Rob Stone
ID: 9832054
You could try.  I only stumbled across it searching on google, I'm not a member of the site.  Why don't you email him and explain the situation and see if he helps. If so, it would be worth putting what he has to say on here.
0
 
LVL 41

Expert Comment

by:graye
ID: 9832670
The setting for the "Time skew" is in the Default Domain Security policy (under Account Policies)
0
 

Author Comment

by:rbauckham
ID: 9833581
thanks
After a restart everthing worked for 4 hours fine then for no apparent reason the next user to log on recieves the time difference message and thats it I have to restart.
I am running out of options. I am going to restore a backup on different hardware to see if the problems remains. But four hours is a lenghty test period for any alterations made!

Does anyone know what options I have for reinstalling 2k again over the top of my curent config. (Win2k DC, exchange 2k) If I can not fix this how would you guys go about transferring Exchange 2k to another server etc? Quickest and simplest please.

Thanks again
0
 
LVL 32

Expert Comment

by:LucF
ID: 9833614
I think you should first try the System File Checker as I didn't have very good experiences with "repair" installations...
Start => Run => type "SFC /scannow" (without the quotes) and press enter (keep your windows cd nearby)

But still, have you at least tried replacing the battery....
0
 
LVL 32

Expert Comment

by:LucF
ID: 9833629
0
 
LVL 32

Expert Comment

by:LucF
ID: 9833687
Or here => http://www.eecis.udel.edu/~mills/ntp/clock1a.html
http://www.eecis.udel.edu/~mills/ntp/clock2a.html

You can use these to make sure your servers time is the same as the atomic clock by using:

Net time /setsntp:<servername> or
Net time /setsntp:<IP-adres of timeserver>

LucF
0
 

Author Comment

by:rbauckham
ID: 9833719
thanks
To change the battery on my server means a new motherboard. compaq ML 350. So I was going to restore on new hardware. this will kind of test this theory.
I have set the server to various time servers and set it to be its own. I have then set the clients to point to my DC's ipaddress as they should do anyway. Still no joy. Why would it work for 4 hours then give up the ghost with no other error than the one at attempted logon.

thanks again

RB
0
 
LVL 32

Expert Comment

by:LucF
ID: 9833805
>>To change the battery on my server means a new motherboard. compaq ML 350.
I don't know about this motherboard you have, but changing your motherboard should be out of the question, some motherboards do have the battery soldered on the motherboard, but if you're handy you should be able to remove the original battery and connect another one to the connectors on the motherboard or have your supplier replace it. (normally it's a 3 volt battery so two AA batteries connected should be able to do this job also (just be carefull soldering these connections to your motherboard (assuming you know how to do this)))
0
 
LVL 41

Accepted Solution

by:
graye earned 500 total points
ID: 9834942
Have you thought about changing the Kerberos Skew Time to something outragously large... just to keep things going while you're hunting for the real problem?
0
 

Author Comment

by:rbauckham
ID: 9897125
This did the job . hope there's no repercussions!
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Application Deployment 2 263
Windows 7 7 269
When I tried to login to the windows 2000 servery by local account using RDP/RDC it logs in and logs off immediately 5 71
OLD CPUs 12 94
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Is your phone running out of space to hold pictures?  This article will show you quick tips on how to solve this problem.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question