Cannot establish authoritative time server in Windows Server 2003 (w32time errors 29, 38, 47)

Repeatedly Experiencing:

Error 38
The time provider NtpClient cannot reach or is currently receiving invalid time data from 192.43.244.18 (ntp.m|0x0|192.168.0.10:123->192.43.244.18:123).

Error 29
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.

Error 47
Time Provider NtpClient: No valid response has been received from  manually configured peer 192.43.244.18 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer  with this DNS name.

from w32time.  

Followed steps of MS KB816042 to set up an authoritative time server in Windows 2003 to no avail.  
Also tried solution from http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8497 to no avail.  

At this point, I've tried monkeying with both the PDC and SDC (both are experiencing this error) and client PC's are experiencing:

Error 36
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

How do I get the PDC established as the authoritative time server, conferring with an internet time source (such as time.nist.gov or similar) and get all the other PC's (SDC and all clients) syncing with the PDC?

BTW, UDP port 123 is open.

Help!
LVL 2
ZuZuPetalsAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

65tdRetiredCommented:
Is this a AD domain?

Run w32tm from a command prompt.
Try using w32tm /monitor from the clients, they should be hitting the PDCe in an AD domain.
One can reset the w32time parameters on the PDCe by w32tm /unregister then w32tm /register
Reedit the reg as per the MS doc above.
The PDCe should be the time source for the whole domain.
0
ZuZuPetalsAuthor Commented:
Yes, it is an AD domain.
Ran w32tm /monitor from client, returned:
myPDC.mydomain.local *** PDC *** [192.168.0.10]:
    IMCP: 0ms delay.
    NTP: +0.0000000s offset from myPDC.mydomain.local
        RefID: 'LOCL' [76.79.67.76]
mySDC.mydomain.local [192.168.0.20]:
    IMCP: 0ms delay.
    NTP: -10.0703125s offset from myPDC.mydomain.local
        RefID: unspecified / unsynchronized [0.0.0.0]

Ran w32tm /unregister (has to stop Windows Time Service first), then ran w32tm /register.  
Both completed sucessfully.  Then restarted Windows Time Service.  Then tried to follow step from MSKB doc referenced above but at:

4. Specify the time sources. To do this, follow these steps:
a.  Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer

NTPServer key does not exist, only "Default", "ServiceDll", "ServiceMain", "Type".

Should I create this key?  What type of key should it be?
0
65tdRetiredCommented:
Yes create it it should be a "string" type with a value of time.windows.com, 0x1
What is the "Type" setting?
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

ZuZuPetalsAuthor Commented:
Okay, we're getting closer...
Created the NtpServer key and performed steps of MSKB and things are a little better, but now I have this informational notification:

The time provider NtpClient cannot reach or is currently receiving invalid time data from time.windows.com (ntp.m|0x1|192.168.0.10:123->207.46.197.32:123).

Does this just mean that time.microsoft.com is a poor choice to go to?  Or is something else wrong?
0
ZuZuPetalsAuthor Commented:
Also, the secondary domain controller still appears to not be sync'd. (and appears to be losing time).

Running w32tm /monitor from client, returns:
myPDC.mydomain.local *** PDC *** [192.168.0.10]:
    IMCP: 0ms delay.
    NTP: +0.0000000s offset from myPDC.mydomain.local
        RefID: 'LOCL' [76.79.67.76]
mySDC.mydomain.local [192.168.0.20]:
    IMCP: 0ms delay.
    NTP: -16.6718750s offset from myPDC.mydomain.local
        RefID: unspecified / unsynchronized [0.0.0.0]

This could be due to an improper config on the SDC while attempting to fix this issue.  Should I just unregister and reregister w32tm on the SDC?
0
65tdRetiredCommented:
The time.microsoft.com is a place holder value and would be used or cahnged if using a exturnal NTP server.
The PDCe should either sync internally or to an exturnally to a NTP server.  All other domain members should sync to the PDCe.
Back up the registry for w32time (as referance) and unregister and register.  Then try the monitor.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ZuZuPetalsAuthor Commented:
(Embarrased)... off course it is...
All is working well now!  Thanks for the help!
0
65tdRetiredCommented:
Your welcome.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.