NTP Time Server being held by another server

So here's the deal.  We want to take our PDC and make it the authoritative time server for our whole network.  Simple enough.  Microsoft has a KB on it, and there are a plethora of resources on the net for it.  The setup goes fine and everything is set up as it should be.

I go to another server to check and make sure it is pointing to the PDC, and for some reason it is pointing to an older server that was never a domain controller in its existence.  This is wierd.  We monkey around with the registry on the old server as well as the PDC, but nothing.  No matter what workstation or server you are on, if you type "net time" at a command prompt, it will show the time according to the old server.

I tried entering "w32tm /monitor /domain:[domain]" and it showed me both my PDC and the second domain controller and the time offset.  Again, wierd.

Does it matter that when I type in "net time" it gives me the old server?  Or is there some configuration step we have missed somewhere that tells the network that our PDC is the time keeper?  The main thing we are trying to do is make this old server let go of being the master time server, and allow the PDC to take the reigns.

Has anyone ever seen this?  Anyone have any ideas?  We are open to any solution at this point.

Thanks :D
NorthernTel & Telebec Managed ServicesManaged I.T. SupportAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

That is strange - domain members should get their time from the domain controller they have authenticated to - and these DC's should in turn get the time from the PDC - hence typing net time does not always show the 'authoritative' time source, it should show the local DC unless you use the /domain switch, in which case it will show the PDC.
What is the out put of a net time command on the old server?
You can solve it with a logon script with the correct net time command in it - but this doesn't address the root cause I suppose.
net time \\DC_TO_SYNC_WITH /SET /YES
Will do it.
"net time" dates back to NT4, it will only return *any* DC from the NetBIOS browse list; it knows exactly *nothing* about AD and its time sync hierarchy. It's deprecated and can only be used to configure the external time source on the PDC emulator.
*By* *default*, DCs will sync their time with the PDC emulator, domain members will sync with the authenticating DC.
You have to check the event log for time sync events to find out which DC a machine is currently syncing with. It's in the System event log, source W32Time, event ID 35 for a successful sync, 29 for a failure, 14 if it can't find a DC.
To configure the PDC emulator to sync with an external time source, all you have to do is open a command prompt and enter

net time /setsntp:
net stopw32time & net start w32time

apart from the manual sync being completely unnecessary in an AD domain, regular users don't have permissions to change the system time, so this wouldn't work, either.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Paris VicenteSystems and Comunications  Administrator Commented:
DId you already  try resync??
DO this on your local machine.
1º w32tm /monitor to see your NTP servers are correct
2º w32tm /resync
and post here your information.
David Paris VicenteSystems and Comunications  Administrator Commented:
Try to config your time with this command if you still didn´t  do that.
w32tm /config [/computer:<target>] [/update]
    [/manualpeerlist:<peers>] [/syncfromflags:<source>]
  computer:<target> - adjusts the configuration of <target>. If not
    specified, the default is the local computer.
  update - notifies the time service that the configuration has
    changed, causing the changes to take effect.
  manualpeerlist:<peers> - sets the manual peer list to <peers>,
    which is a space-delimited list of DNS and/or IP addresses.
    When specifying multiple peers, this switch must be enclosed in
  syncfromflags:<source> - sets what sources the NTP client should
    sync from. <source> should be a comma separated list of
    these keywords (not case sensitive):
      MANUAL - include peers from the manual peer list
      DOMHIER - sync from a DC in the domain hierarchy
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Hardware

From novice to tech pro — start learning today.