Link to home
Create AccountLog in
Avatar of jmerulla
jmerullaFlag for United States of America

asked on

Authoritative Time Server

We recently added a new domain controller to our network and moved FSMO roles from another domain controller that we will be retiring.  One of the roles that the new DC has is PDC emulator.  I've seen that the PDC is assigned the role of Authoritative Time Server but this has not happened to the new DC.  The soon to be retired DC is still showing up as the time server.  Am I missing something?  All FSMO roles from the old DC were moved to the new DC.  Thanks!
Avatar of oBdA
oBdA

In case you used this: "net time" can *NOT* be used to find the time server a client is using, it knows *nothing* about AD and will just pick a DC from the browser list.
That said, in an AD domain, the PDC emulator needs to sync with a reliable source, other DCs will sync with the PDC emulator, and domain members will sync with the client authenticating them; so as long as your DC isn't retired as such, it will be used as time server.
Make sure you have your new PDC is configured to sync with a reliable external time source. Restart the W32time service on the old FSMO role holder. You can also try running this command NET TIME /SETSNTP:SERVERNAME


https://www.experts-exchange.com/questions/23607688/Setting-up-Time-Servers-in-AD-2003.html
net time is deprecated for Win2003 and beyond. Use the following KB article to configure the PDC Emulator in your forest root domain to point to an authoritative time source: http://support.microsoft.com/kb/816042. Set all other machines (DCs or otherwise) to use NTDS5 as their time source so that they will use the domain hierarchy described by OBdA
Avatar of jmerulla

ASKER

Do I need to run dcpromo on the retiring DC and decommission it in order for the new DC to become the time server?
No, you need to modify the registry keys listed in the KB article that I quoted above for whichever DC is configured as your PDC Emulator in your forest root domain. Demoting the old DC will not have a bearing on this.
No, you don't have to demote.  Be sure you follow the instructions to make sure you make the PDC retrieve an reliable time source as my post states above.
I think it might be confogurde but something is still not right.  I get the following message in the Event Viewer.

Event Type:      Error
Event Source:      W32Time
Event Category:      None
Event ID:      29
Date:            8/13/2008
Time:            12:09:47 AM
User:            N/A
Computer:      SERVER
Description:
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 960 minutes. NtpClient has no source of accurate time.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Which server are you getting this on?
I'm getting this on the new time server
ASKER CERTIFIED SOLUTION
Avatar of Darius Ghassem
Darius Ghassem
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
Thanks for your help with this!
This is EXACTLY what I've been searching for, thanks!!!