Solved

Setting time source in Windows 2000

Posted on 2008-10-14
9
639 Views
Last Modified: 2012-05-05
I am trying to set every Windows 2000 machine on our network to sync it's time with our default gateway. The timing has to be acurate and the PC must be able to update while the user has no privaledge to change the time. This is on a non-Active Directory domain. In XP, I can just go into the date and time settings and specify the gateway's IP. But that facility doesn't exist in 2000. Can someone please tell me how to do this in 2000?
0
Comment
Question by:Styphon
9 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 22709772
In a windows domain all clients take their time from the DC running the PDC emulator - this in turn can be sync'ed to an external time source see http://support.microsoft.com/kb/216734/EN-US/
0
 
LVL 3

Author Comment

by:Styphon
ID: 22709799
Yea, I've seen that article. I want to find a way to sync each and every individual PC to the external source though.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 22709818
Configuring Domain Time

Problem Events - On the PDC Emulator

Event ID 12 (W32 Time Time Provider NtpClient: This machine is configured to use {text omitted}, but it is the PDC emulator...).
Event ID 29 (The time provider NtpClient is configured to acquire time from one or more time sources...).
Event ID 36 (The time service has not synchronized the system time for 86400 seconds...).
Event ID 38 (The time provider NtpClient cannot reach or is currently receiving invalid time data from...).
Event ID 47 (Time Provider NtpClient: No valid response has been received from  manually configured peer...).

Problem Events - On Domain Members

Event ID 50 (The time service detected a time difference of greater than 5000 milliseconds  for 900 seconds...).
Event ID 22 (The time provider NtpServer encountered an error while digitally signing the  NTP response for peer...).


Step 1 Locate the PDC Emulator.

1. On a domain controller, Click Start > Run > dsa.msc{Enter}
2. Expand AD Users and computers
3. Right click the domain > Operations Masters > PDC Tab
4. Take note of the PDC emulators name.

Step 2 Firewall config

1. Ensure UDP Port 123 is open outbound from the PDC Emulator.


Step 3 Configure the PDC Emulator to collect Reliable Time

1. On the PDC emulator Click Start > Run > cmd {Enter}
2. At command line type the following command,

w32tm /config /manualpeerlist:ntp2d.mcc.ac.uk /syncfromflags:manual /reliable:yes /update

Note: UK NTP Servers http://www.timetools.co.uk/info/ntp-servers-public/ntp-server-uk-stratum-2.htm

3. It should say "The command completed successfully."
4. Execute the following commands

net stop "windows time"
net start "windows time"
W32TM /resync

5. It should say "The command completed successfully."
6. Look in the servers Event log > System Log for Event ID 37

---------------------------------------------------------------
Event Type:      Information
Event Source:      W32Time
Event Category:      None
Event ID:      37
Date:            xx/xx/xxxx
Time:            xx:xx:xx
User:            N/A
Computer:      {servername}
Description:
The time provider NtpClient is currently receiving valid time data from ntp2d.mcc.ac.uk (ntp.m|0x0|10.0.0.1:123->130.88.203.64:123).

For more  
information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------------------

7. You may also see Event ID 35

---------------------------------------------------------------
Event Type:      Information
Event Source:      W32Time
Event Category:      None
Event ID:      35
Date:            xx/xx/xxxx
Time:            xx:xx:xx
User:            N/A
Computer:      {servername}
Description:
The time service is now synchronizing the system time with the time source ntp2d.mcc.ac.uk (ntp.m|0x0|10.0.0.1:123->130.88.203.64:123).

For more  
information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------------------


Step 4 Check the domain clients.

1. Click Start > Run > cmd {enter}
2. Execute the following command

w32tm /monitor

3. You will see the time on all the domain controllers this client can see..


C:\Documents and Settings\Administrator.yourdomain>w32tm /monitor
server-dc.yourdomain.co.uk [192.168.1.1]:
    ICMP: 0ms delay.
    NTP: +363.2032725s offset from server-pdc.yourdomain.co.uk
        RefID: server-pdc.pearsons.co.uk [192.168.69.6]
site2-dc.yourdomain.co.uk [192.168.2.1]:
    ICMP: 70ms delay.
    NTP: +0.0470237s offset from server-pdc.yourdomain.co.uk
        RefID: tees-exchange.pearsons.co.uk [192.168.69.4]
serverdc2.yourdomain.co.uk [192.168.1.4]:
    ICMP: 0ms delay.
    NTP: +0.0000553s offset from server-pdc.yourdomain.co.uk
        RefID: server-pdc.pearsons.co.uk [192.168.1.6]
server-pdc.yourdomain.co.uk *** PDC *** [192.168.1.6]:
    ICMP: 0ms delay.
    NTP: +0.0000000s offset from server-pdc.yourdomain.co.uk
        RefID: scarp.mc.man.ac.uk [130.88.203.64]

(In the case above the time on server-dc is way out address that first - it was a 2000 server and net time \\server-pdc {enter} fixed it).

4. Once all the domain controllers have a time thats accurate (Like the last three in the example above), then proceed.
5. Execute the following commands

net stop "windows time"
net start "windows time"
w32tm /resync

6. The Machines event log should log the following successful events

Event ID 37 (The time provider NtpClient is currently receiving valid time data from..).
Event ID 38 (The time provider NtpClient is currently receiving valid time data from..).






Problems

Error The computer did not resync because no time data was available.
If the server cannot resolve the name or UDP 123 is NOT open outbound you will see this error.
Also see http://www.msfn.org/board/lofiversion/index.php/t67060.html
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22709823
On a domain all workstation must sync with the PDC emulator  - thats the way a domain is designed to work, if machines fall outside the tollerance limits of Active Directory, (5mins) then authentication issues will occur.

What is the problem with syncing the PDC emulator with an external source and then having the clients sync with it?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 3

Author Comment

by:Styphon
ID: 22709884
1. The is not an AD domain.
2. I have 3 machines all labled as PDC doing different jobs (we're in a transitional phase and it's all a little messy atm, which is why I tried to get them all to sync individually)
3. I have the original box, labled ntserver. It is the Primary Domain Controller of the network, but does authentication only.
4. I have a 2003 machine labled 2003svr. It runs the DHCP and DNS but does no authentication.
5. I have a VM sitting on the 2003svr, labled ntsvr. It does authentication only.
I am unsure which machine would control the time. If it is, as I fear it is, the ntserver, then that artical is not relevant on how to set it up and I would need to know how to set it up on a nt4 server. I thought it would just be easier to get each pc to individualy update from the default gateway.
0
 
LVL 70

Expert Comment

by:KCTS
ID: 22709895
OK I misunderstood - see http://support.microsoft.com/kb/216734
0
 
LVL 3

Author Comment

by:Styphon
ID: 22709936
That's the same article you posted before, and it's for Windows 2000. I have NT4 servers. The clients are 2000.
0
 
LVL 83

Accepted Solution

by:
oBdA earned 150 total points
ID: 22755575
w32tm in Windows 2000 doesn't have as much configuration possibilities as the XP/W2k3 version.
In Windows 2000, just open a command prompt on the client and enter
net time /setsntp:<Gateway-IP>
net stop w32time & net start w32time

How to synchronize the time on a Windows 2000-based computer in a Windows NT 4.0 domain
http://support.microsoft.com/?kbid=258059
0
 
LVL 3

Author Closing Comment

by:Styphon
ID: 31508192
We tried the net time command, but users cannot run this command as they don't have the privaledge. However the article you posted mentioned about removing a reg key. From that I was able to determine that inputing a reg key (which the users may be able to do) works just as well. Thanks.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
We have come a long way with backup and data protection — from backing up to floppies, external drives, CDs, Blu-ray, flash drives, SSD drives, and now to the cloud.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now