Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

How to synchronize time between all DC's in 1 Domain

Posted on 2007-11-28
7
Medium Priority
?
1,916 Views
Last Modified: 2011-09-20
What is the best way to sync the time between all 9 of my DC's in my Domain. I have a single Domain with 4 Sites. Plus can anyone tell me how important time synchronization is between my DC's and why?
0
Comment
Question by:crsrvn
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 15

Accepted Solution

by:
wingatesl earned 2000 total points
ID: 20371795
Time syncronization is important for kerberos authentication to work. I think it is anything over 10 - 15 minutes difference and it fails. No kerberos, no DC (eventually)
 The easy way to sync the time is this
NET TIME \\TIMESRV /SET /YES
The MS way is this
http://support.microsoft.com/kb/307897/EN-US/
It still works for 2003 server
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20371838
On the DC with the PDC role, you should use the command:

NET TIME /SETSNTP:...

You should not change other machines as they need to sync with the PDC and this will happen automatically.

See http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_22978705.html for a solution for UK time servers.

Where are you based?
0
 
LVL 1

Expert Comment

by:markdormer
ID: 20371873
I would set one of them to synchronise with an external Stratum 1 NTP server and the rest will synchronise from that machine.

See these
http://www.ntp.org/
http://support.microsoft.com/kb/816042

http://technet2.microsoft.com/WindowsServer/en/library/b43a025f-cce2-4c82-b3ea-3b95d482db3a1033.mspx?mfr=true

http://blogs.msdn.com/w32time/default.aspx
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20371932
You should use a Stratum 2 NTP server, because you do not have atomic or satellite clock hardware.  You may need to set the flags in the registry, too.  See the question I referred to.
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 20371976
The answer selected is not entirely correct.  While the procedures described will work, the correct way is to set an SNTP server using the command SteveH_UK suggested on the DC with the PC Emulator role.  All domain systems - if properly configured - will synchronize their time with the PDC emulator ensuring all systems are correctly set.

Among other things, having a time on a DC that is significantly different can result in the failure of Exchange server, among other things (I know this from first hand experience - I recently moved and had one DC down for 10 days prior to the conversion to standard time (from daylight time) and when I brought the system back online a few days ago, it caused Exchange to stop functioning because it didn't automatically adjust the time as expected.
0
 
LVL 15

Expert Comment

by:wingatesl
ID: 20373286
The question did not read that he had a requirement to syncronize the PDC to the outside world therefor that was not included. The net time was used because it forces a refresh from the PDC.
0
 
LVL 19

Expert Comment

by:SteveH_UK
ID: 20373340
I agree with wingatesl that it was not a request in the question.  The problem in using the computer time is that onboard clocks often have problems, and this can set you up for future problems.  That doesn't mean you can't do it, just that it isn't a recommended solution.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process allows computer passwords to be managed and secured without using LAPS. This is an improvement on an existing process, enhanced to store password encrypted, instead of clear-text files within SQL
Let's recap what we learned from yesterday's Skyport Systems webinar.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question