Solved

Cannot establish authoritative time server in Windows Server 2003 (w32time errors 29, 38, 47)

Posted on 2007-03-28
8
4,895 Views
Last Modified: 2010-06-05
Repeatedly Experiencing:

Error 38
The time provider NtpClient cannot reach or is currently receiving invalid time data from 192.43.244.18 (ntp.m|0x0|192.168.0.10:123->192.43.244.18:123).

Error 29
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.

Error 47
Time Provider NtpClient: No valid response has been received from  manually configured peer 192.43.244.18 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer  with this DNS name.

from w32time.  

Followed steps of MS KB816042 to set up an authoritative time server in Windows 2003 to no avail.  
Also tried solution from http://www.jsifaq.com/SF/Tips/Tip.aspx?id=8497 to no avail.  

At this point, I've tried monkeying with both the PDC and SDC (both are experiencing this error) and client PC's are experiencing:

Error 36
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.

How do I get the PDC established as the authoritative time server, conferring with an internet time source (such as time.nist.gov or similar) and get all the other PC's (SDC and all clients) syncing with the PDC?

BTW, UDP port 123 is open.

Help!
0
Comment
Question by:ZuZuPetals
  • 4
  • 4
8 Comments
 
LVL 22

Expert Comment

by:65td
ID: 18812231
Is this a AD domain?

Run w32tm from a command prompt.
Try using w32tm /monitor from the clients, they should be hitting the PDCe in an AD domain.
One can reset the w32time parameters on the PDCe by w32tm /unregister then w32tm /register
Reedit the reg as per the MS doc above.
The PDCe should be the time source for the whole domain.
0
 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18826550
Yes, it is an AD domain.
Ran w32tm /monitor from client, returned:
myPDC.mydomain.local *** PDC *** [192.168.0.10]:
    IMCP: 0ms delay.
    NTP: +0.0000000s offset from myPDC.mydomain.local
        RefID: 'LOCL' [76.79.67.76]
mySDC.mydomain.local [192.168.0.20]:
    IMCP: 0ms delay.
    NTP: -10.0703125s offset from myPDC.mydomain.local
        RefID: unspecified / unsynchronized [0.0.0.0]

Ran w32tm /unregister (has to stop Windows Time Service first), then ran w32tm /register.  
Both completed sucessfully.  Then restarted Windows Time Service.  Then tried to follow step from MSKB doc referenced above but at:

4. Specify the time sources. To do this, follow these steps:
a.  Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer

NTPServer key does not exist, only "Default", "ServiceDll", "ServiceMain", "Type".

Should I create this key?  What type of key should it be?
0
 
LVL 22

Expert Comment

by:65td
ID: 18843121
Yes create it it should be a "string" type with a value of time.windows.com, 0x1
What is the "Type" setting?
0
 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18844273
Okay, we're getting closer...
Created the NtpServer key and performed steps of MSKB and things are a little better, but now I have this informational notification:

The time provider NtpClient cannot reach or is currently receiving invalid time data from time.windows.com (ntp.m|0x1|192.168.0.10:123->207.46.197.32:123).

Does this just mean that time.microsoft.com is a poor choice to go to?  Or is something else wrong?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18844313
Also, the secondary domain controller still appears to not be sync'd. (and appears to be losing time).

Running w32tm /monitor from client, returns:
myPDC.mydomain.local *** PDC *** [192.168.0.10]:
    IMCP: 0ms delay.
    NTP: +0.0000000s offset from myPDC.mydomain.local
        RefID: 'LOCL' [76.79.67.76]
mySDC.mydomain.local [192.168.0.20]:
    IMCP: 0ms delay.
    NTP: -16.6718750s offset from myPDC.mydomain.local
        RefID: unspecified / unsynchronized [0.0.0.0]

This could be due to an improper config on the SDC while attempting to fix this issue.  Should I just unregister and reregister w32tm on the SDC?
0
 
LVL 22

Accepted Solution

by:
65td earned 500 total points
ID: 18845754
The time.microsoft.com is a place holder value and would be used or cahnged if using a exturnal NTP server.
The PDCe should either sync internally or to an exturnally to a NTP server.  All other domain members should sync to the PDCe.
Back up the registry for w32time (as referance) and unregister and register.  Then try the monitor.
0
 
LVL 2

Author Comment

by:ZuZuPetals
ID: 18846359
(Embarrased)... off course it is...
All is working well now!  Thanks for the help!
0
 
LVL 22

Expert Comment

by:65td
ID: 18846781
Your welcome.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Numerous times I have been asked this questions that what is it that makes my machine log on so slow, there have been cases where computers took 23 minute exactly after taking password and getting to the desktop. Interesting thing was the fact th…
Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
This video discusses moving either the default database or any database to a new volume.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now