NTP server 2003

server 1 will not connect to external time source I specified. I keep receiving w32time errors in my event log and my clients are not obtaining the time from the server I specified in GP.
I followed microsoft article KB 816042-using external time source steps 1-8...inputting north-america.pool.ntp.org,0x1 in the correct location.
I then created a group policy-computer\adm temp\sys\win time serv\time providers-enabled, ntp server: this servers ip, type-ntp, left rest as default. I then placed this group policy under technology/workstations in admin users and computers. This has been several days--so I know GP has taken effect...plus I ran gpupdate /force on the pc's i was testing.
Still receiving errors of w32time on my server 1, when i type net time on server 1...it is obtaining it's time from server 2...so are all my workstations/clients. Server 2 has the default settings loaded on it-it is also a domain controller.
What have i missed?
tootsie_rollAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
PakaConnect With a Mentor Commented:
Get to a command prompt on Server 1.  Start regedit, browse to:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

Is there anything listed for NtpServer?

Open a separate command window and use the following commands to clean the registry.
net stop w32time
w32tm /unregister

Return to the RegEdit and press F5 to refresh the listing.  The W32Time settings should go away.  Now return to the command window and type:
w32tm /register
net start w32time

Return to Regedit and refresh, the registry settings for the W32time service should return.

Now type: net time /setsntp:time.nist.gov

Return to Redit and  look under the Parameters section.  You should see time.nist.gov listed as the ntpserver.

Now run gpudate /force and refresh Regedit.  Is time.nist.gov still listed?  If it changed, you still have something in group policy affecting the time service.







0
 
PakaCommented:
Try using a time.nist.gov for a NTP time source.  There's a bug in W2003 that will cause NTP syncs with a high-precision time source to fail.

You really shouldn't need to use group policy to configure any machines in a W2003 domain to use a specific time source since all clients and servers in a W2003 domain will automatically configure to a good time source (PCs to their authenticating DCs, DCs to PDC ops master).  Since W2003 uses NTP, all clients should be synced to within a second of each other.

If you need to clean the clients configuration use:

net stop w32time
w32tm /unregister
w32tm /register
net start w32time

And to confirm results:

w32tm /resync
0
 
tootsie_rollAuthor Commented:
Do I need to unregister on the DC/Server 1 as well? I fixed the time source to time.nist.gov,0x1 and did net stop w32time and started it.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
PakaCommented:
The w32tm /unregister will return all registry entries for the time service to defaults.  It might be a good idea to run it on the Dc/Server 1 (I'm guessing that's your PDC Emulator) as well.  I'm not sure what the , 0x1 is for on time.nist.gov,0x1, I didn't use it on my network and it syncs to time.nist.gov perfectly.
0
 
tootsie_rollAuthor Commented:
I went ahead and unregistered the w32tm on server 1, as well as ran the /resync flag. Now when I go back into my registry, i do not have the option for the NtpServer to modify--and it reset my options to the default. So I created a String value and entered in nist.time.gov without the ,0x1 at the end. I stopped and started the service on the Server 1 and it is still obtaining it's time from server 2.
0
 
PakaCommented:
Is server 1 or server 2 the PDC Emulator?  I'm guessing it's server1.  If that's the case:

On Server 1, type:
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
net time /setsntp:time.nist.gov
net stop w32time
net start w32time
w32tm /resync

If the event log still shows that it's getting time from server 2, then you will have to set your group policy time settings to a neutral mode (undefined). After you have the neutral policy configured. Go to each server and type "gpupdate /force".  Finally, give the command sequence above another try.
0
 
tootsie_rollAuthor Commented:
Tried steps above-changed my GP settings to undefined. ran gpupdate /force on both server1, 2, 3 as well as  a few wkstns. ran steps again...still want to direct to server 2. Server 1 is the pdc. I do receive an error though, when i do the last step--resync:
The computer did not resync because no time data was available.
Thanks.
0
 
tootsie_rollAuthor Commented:
In regedit-yes, there is time.nist.gov listed.
I unregistered--verified the entry for W32TIME is unavailable. I added the settings for setsntp time and it returned for time.nist.gov. I then updated my GP and verified regedit was still the same--time.nist.gov.  When i run the comman net time it comes back with server 2 info. My policy is set on server1 in the registry still, why is it trying to get the info from server 2? I've verified server 1 is the pdc.
I did note that when i unregistered and then registered - there was an entry in the event viewer for event id 12-stating this is the pdc and it is recommended to use an external time source.
I am still receiving errors-event id's 38 & 47.
0
 
PakaCommented:
I think we're almost there:
Type:
net time /querysntp

What is the result?  BTW- What version of 2003 are you running (plain, SP1, SP2)?
0
 
tootsie_rollAuthor Commented:
The current sntp value is time.nist.gov
2003 SP2
0
 
PakaCommented:
Now try:
net stop w32tm
net start w32tm

Next look in the event log.  What is it trying to get time from?
0
 
tootsie_rollAuthor Commented:
The time provider is currently receiving time from time.nist.gov with ip addy's behind it of server1 and nist.gov. I did add a rule in the firewall to allow the nist.gov--I think that may have been our issue prior??  But when i do a net time, it is still pointing to eat-2. Do I need to refresh gpupdate's on that server?
0
 
PakaCommented:
Yes, then use the commands above to clean the w32time registry settings, and use the net time /setsntp command to set the ntp server.  Confirm with the net stop/start w32tm commands.
0
 
tootsie_rollAuthor Commented:
I'm a little confused. The current settings for server2 are the default, it is looking to NT5DS on that server. I have ran a gpupdate on server 2, it still is looking to itself. As for server1, it is still looking to server 2 as well.
Since server1 is still set up with teh steps in your third post, should I still run them yet again? And do I need to run any steps on server2 other than a group policy update?
0
 
tootsie_rollAuthor Commented:
However, I am not receiving those errors in event viewer any more. Just not directing to the server i want it to...server 1, not server 1 :)
0
 
PakaCommented:
To setup a time hierarchy in a domain - all you have to do is set the PDCE to look at a good time source - in our case time.nist.gov.  All other computers that are joined to the domain will get their type through a well-defined process - DCs from the PDCE and clients from their authenticating DCs.

I thought we reset the w32time settings from the PDCE and pointed it to time.nist.gov and got a good time hack.  If that's the case, we just need to clean server 2's settings (we don't need to point it to a time source since the w32time service will automatically sync to the PDCE).
0
 
tootsie_rollAuthor Commented:
OK, went to server2 and ran
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
gpupdate /force
net time  -  server 2
Am I not understanding what you are wanting me to do? I'm sorry, I am new to this.
0
 
tootsie_rollAuthor Commented:
I noticed on a client pc, when I do a gpupdate /force, it will connect to server 1 for about a minute, then goes back to server2 when entering commang net time
0
 
PakaCommented:
No need to apologize, time sync is a pretty confusing topic at times.  Is server1 working correctly now?  By that, the event logs show that it's syncing from time.nist.gov.  If so, on server2, you just want to clean the time settings from the registry (group policy should have propagated by now):
net stop w32time
w32tm /unregister
w32tm /register
net start w32time

Check the event log on server2 and you should see that it is syncing from server1 (hopefully).


0
 
PakaCommented:
I see now.  I didn't explain fully - The "net time" command should only used to set and display the SNTP server on the PDC ops master - not to display which server the other domain clients are getting time from.  For that you use the event logs.
0
 
tootsie_rollAuthor Commented:
Aha, That makes sense then. Bcz i was confused as to why the event log would say everything was good, but not net time.

We are good now!! Thanks so much for your help!!
0
 
tootsie_rollAuthor Commented:
Thanks so much!! :) You rock!!
0
All Courses

From novice to tech pro — start learning today.