swolfersberger
asked on
Can Windows XP reveal the NTP source that it received it's time from?
I've got a customer that has computers that are randomly pulling a time and date that puts them in 2044. The only thing that makes sense is that they are polling an unauthorized (and incorrect) NTP source. Is there a command or utility that I can run that will show me the name or address of the server that provided the NTP info to the workstation?
net time /querysntp
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
All pcs in domain obtain the time from their Domain controller. You need to check where the DC is synced with because all XP clients are in sync with DC's for kerboros logins. You may now want to check the ntp time source on the DC and not on the xp client.
If its a pc on a workstation then ignore this answer.
If its a pc on a workstation then ignore this answer.
Right click on the time at the very bottom right of the screen. Choose "Adjust Date and Time. The "Date and Time" tab should allow you to change the year. alienvoice's post should tell you the source of the time check.
Having said that, have you rebooted lately?
And if this is something new, run a System Restore to a date before the problem started.
Having said that, have you rebooted lately?
And if this is something new, run a System Restore to a date before the problem started.
> All pcs in domain obtain the time from their Domain controller.
Yes, they *should* be. But if that's occurring properly it shouldn't be coming up with the wrong year, either. :-|
So check the event log and see if that shows it's actually syncing to the DC (or another designated authoritative time server) or some other setting such as the one specified on the Internet Time tab.
It doesn't make sense for the windows date offset to be changing it in that direction. e.g. in Regional and Language Options, in the Customize dialog on the Regional Options tab, then at the top of the Date tab... even if the 'short date' there is set to use 2-digit years.
Yes, they *should* be. But if that's occurring properly it shouldn't be coming up with the wrong year, either. :-|
So check the event log and see if that shows it's actually syncing to the DC (or another designated authoritative time server) or some other setting such as the one specified on the Internet Time tab.
It doesn't make sense for the windows date offset to be changing it in that direction. e.g. in Regional and Language Options, in the Customize dialog on the Regional Options tab, then at the top of the Date tab... even if the 'short date' there is set to use 2-digit years.
Darr247 I totally agree with your point. But every time we had issue with the time sync this is what i would do..
1.) First do a :- net time /querysntp
2). If the dc name is listed then check the time on the dc. Also try to ping the domain controller and check if its reachable.
3.) If the time is wrong you may run into a lot of issues like .. Email sync and unable to login to domain and similar issues... as kerboros only gives a permit limit of 5 mins diff between dc and clients.
4.) If the time is correct on dc and if you are able to ping the dc then we shall remove the sntp from the cache and readd it.
Do a:
net time /setsntp
Then do a
net time \\timesrv /set /yes
See also..
http://support.microsoft.com/kb/314090
Also see if this patch works for you.
http://www.microsoft.com/downloads/details.aspx?FamilyID=66f1420c-df2d-400b-a8a9-ef9061a9a3ca&DisplayLang=en
Hope this helps..
Let me know how it goes..
1.) First do a :- net time /querysntp
2). If the dc name is listed then check the time on the dc. Also try to ping the domain controller and check if its reachable.
3.) If the time is wrong you may run into a lot of issues like .. Email sync and unable to login to domain and similar issues... as kerboros only gives a permit limit of 5 mins diff between dc and clients.
4.) If the time is correct on dc and if you are able to ping the dc then we shall remove the sntp from the cache and readd it.
Do a:
net time /setsntp
Then do a
net time \\timesrv /set /yes
See also..
http://support.microsoft.com/kb/314090
Also see if this patch works for you.
http://www.microsoft.com/downloads/details.aspx?FamilyID=66f1420c-df2d-400b-a8a9-ef9061a9a3ca&DisplayLang=en
Hope this helps..
Let me know how it goes..
This link shows you how to change the NTP server. You should see the server there im assuming.