Solved

Cannot establish authoritative time server in Windows Server 2003 (w32time errors 29, 38, 47)

Posted on 2007-03-28
8
4,897 Views
Last Modified: 2010-06-05
Repeatedly Experiencing:

Error 38
The time provider NtpClient cannot reach or is currently receiving invalid time data from 192.43.244.18 (ntp.m|0x0|192.168.0.10:123->192.43.244.18:123).

Error 29
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.

Error 47
Time Provider NtpClient: No valid response has been received from  manually configured peer 192.43.244.18 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer  with this DNS name.

from w32time.  

Followed steps of MS KB816042 to set up an authoritative time server in Windows 2003 to no avail.  
Also tried solution from http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8497 to no avail.  

At this point, I've tried monkeying with both the PDC and SDC (both are experiencing this error) and client PC's are experiencing:

Error 36
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

How do I get the PDC established as the authoritative time server, conferring with an internet time source (such as time.nist.gov or similar) and get all the other PC's (SDC and all clients) syncing with the PDC?

BTW, UDP port 123 is open.

Help!
0
Comment
Question by:ZuZuPetals
  • 4
  • 4
8 Comments
 
LVL 22

Expert Comment

by:65td
ID: 18812231
Is this a AD domain?

Run w32tm from a command prompt.
Try using w32tm /monitor from the clients, they should be hitting the PDCe in an AD domain.
One can reset the w32time parameters on the PDCe by w32tm /unregister then w32tm /register
Reedit the reg as per the MS doc above.
The PDCe should be the time source for the whole domain.
0
 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18826550
Yes, it is an AD domain.
Ran w32tm /monitor from client, returned:
myPDC.mydomain.local *** PDC *** [192.168.0.10]:
    IMCP: 0ms delay.
    NTP: +0.0000000s offset from myPDC.mydomain.local
        RefID: 'LOCL' [76.79.67.76]
mySDC.mydomain.local [192.168.0.20]:
    IMCP: 0ms delay.
    NTP: -10.0703125s offset from myPDC.mydomain.local
        RefID: unspecified / unsynchronized [0.0.0.0]

Ran w32tm /unregister (has to stop Windows Time Service first), then ran w32tm /register.  
Both completed sucessfully.  Then restarted Windows Time Service.  Then tried to follow step from MSKB doc referenced above but at:

4. Specify the time sources. To do this, follow these steps:
a.  Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer

NTPServer key does not exist, only "Default", "ServiceDll", "ServiceMain", "Type".

Should I create this key?  What type of key should it be?
0
 
LVL 22

Expert Comment

by:65td
ID: 18843121
Yes create it it should be a "string" type with a value of time.windows.com, 0x1
What is the "Type" setting?
0
 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18844273
Okay, we're getting closer...
Created the NtpServer key and performed steps of MSKB and things are a little better, but now I have this informational notification:

The time provider NtpClient cannot reach or is currently receiving invalid time data from time.windows.com (ntp.m|0x1|192.168.0.10:123->207.46.197.32:123).

Does this just mean that time.microsoft.com is a poor choice to go to?  Or is something else wrong?
0
Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18844313
Also, the secondary domain controller still appears to not be sync'd. (and appears to be losing time).

Running w32tm /monitor from client, returns:
myPDC.mydomain.local *** PDC *** [192.168.0.10]:
    IMCP: 0ms delay.
    NTP: +0.0000000s offset from myPDC.mydomain.local
        RefID: 'LOCL' [76.79.67.76]
mySDC.mydomain.local [192.168.0.20]:
    IMCP: 0ms delay.
    NTP: -16.6718750s offset from myPDC.mydomain.local
        RefID: unspecified / unsynchronized [0.0.0.0]

This could be due to an improper config on the SDC while attempting to fix this issue.  Should I just unregister and reregister w32tm on the SDC?
0
 
LVL 22

Accepted Solution

by:
65td earned 500 total points
ID: 18845754
The time.microsoft.com is a place holder value and would be used or cahnged if using a exturnal NTP server.
The PDCe should either sync internally or to an exturnally to a NTP server.  All other domain members should sync to the PDCe.
Back up the registry for w32time (as referance) and unregister and register.  Then try the monitor.
0
 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18846359
(Embarrased)... off course it is...
All is working well now!  Thanks for the help!
0
 
LVL 22

Expert Comment

by:65td
ID: 18846781
Your welcome.
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Learn about cloud computing and its benefits for small business owners.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

947 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now