mjasco8
asked on
NTP Group policy
Hi
I am configuring the Server holding PDC role as time server for all computers in the domain. This PDC server will be getting time from externel sources. Now I need to configure rest of computers in the domain to sync time from PDC. The challenge is that we have 1800 client computers located in different sites and in multiple OU's. All the domain controllers in one OU and member server in yet another OU. I was thinking to deploy this change using group policy but there is problem... if I deploy GPO at domain level, PDC will also get affected. If I go by OU or site, they are so many and also the domain controller OU holding all other DC's along with PDC.
How can I do this effectively to make sure all the machines except PDC is pointing towards PDC for time sync.
Note: At present the computers have "time.windows.com,0x1" with type "NT5DS"...not sure what this registry means?
Any help will be greatly appreciated
Thanks
I am configuring the Server holding PDC role as time server for all computers in the domain. This PDC server will be getting time from externel sources. Now I need to configure rest of computers in the domain to sync time from PDC. The challenge is that we have 1800 client computers located in different sites and in multiple OU's. All the domain controllers in one OU and member server in yet another OU. I was thinking to deploy this change using group policy but there is problem... if I deploy GPO at domain level, PDC will also get affected. If I go by OU or site, they are so many and also the domain controller OU holding all other DC's along with PDC.
How can I do this effectively to make sure all the machines except PDC is pointing towards PDC for time sync.
Note: At present the computers have "time.windows.com,0x1" with type "NT5DS"...not sure what this registry means?
Any help will be greatly appreciated
Thanks
ASKER
Hi
Thanks for reply. I had used same article to configure PDC registry for exrternal time server.
All other computer are looking up for "time.windows.com,0x1" for time sync, which I beleive is external time source again. These machines should be looking up for PDC for time sync, there should be PDC address in resgistry for these machines - correct?
Thanks for reply. I had used same article to configure PDC registry for exrternal time server.
All other computer are looking up for "time.windows.com,0x1" for time sync, which I beleive is external time source again. These machines should be looking up for PDC for time sync, there should be PDC address in resgistry for these machines - correct?
I don't think so.By default all machines are configured to time.windows.com.As long as the computers are in the domain the heiracy would flow for time.If the machine is just by iteself it will use the time.windows.com.
http://support.microsoft.com/kb/307897
http://support.microsoft.com/kb/307897
ASKER
Hi
Let me provide more details because I still having trouble in getting correct time from the correct servers
PDC Emulator registry settings:
NTPServer = x.x.x.x Ip server for NIST (three servers listed)
Type- NTP
AnnouceFlags=5
This part on PDC works perfectly - no errors
All other machines in the domain including domain controllers, member servers and workstations registry settings:
NtpServer=time.windows.com
Type=NT5DS
AnnounceFlags=10
We have issues here (not with all the machines but few of them have big offset in time)
1. Not all the machines lookup for time from the PDC, they just pick any other server in the domain and I don't figure what criteria they are using to pick the time server.
2. Few machine pick the print server as time source and other pick another domain controller as time server which is not PDC. All have same registry settings and then why this behavior?
Important - how can I make sure that all the server only and only look for the PDC as the time source and how to verify that.
Thanks
Let me provide more details because I still having trouble in getting correct time from the correct servers
PDC Emulator registry settings:
NTPServer = x.x.x.x Ip server for NIST (three servers listed)
Type- NTP
AnnouceFlags=5
This part on PDC works perfectly - no errors
All other machines in the domain including domain controllers, member servers and workstations registry settings:
NtpServer=time.windows.com
Type=NT5DS
AnnounceFlags=10
We have issues here (not with all the machines but few of them have big offset in time)
1. Not all the machines lookup for time from the PDC, they just pick any other server in the domain and I don't figure what criteria they are using to pick the time server.
2. Few machine pick the print server as time source and other pick another domain controller as time server which is not PDC. All have same registry settings and then why this behavior?
Important - how can I make sure that all the server only and only look for the PDC as the time source and how to verify that.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.windowsnetworking.com/articles_tutorials/Configuring-Windows-Time-Service.html