change time on domain controller

Posted on 2009-04-30
Last Modified: 2012-05-06
Hi experts,

I have two forest level domain controllers and two at domain level ie
1st FDC > Schema owner and GC
2nd FDC > Domain Role owner
1st PDC > RID , Infra, PDCe

what happens when i change the time on my 1st FDC? Will the rest of the DCs synchronise with the FDC? How about remote site DCs?

Question by:kenny_klbn
    LVL 6

    Expert Comment

    They will only sync if you have the FDC setup as an NTP server and then point the other servers to sync time with the main server in the time/date properties.
    LVL 16

    Expert Comment

    The PDCe machine is the "master" time server, other DCs will sync to it.  Time skews of more than 5 mins are outside of what Kerberos allows, and will casue replication to fail on the DCs.

    What are you trying to do here?

    Author Comment

    Hi Malmensa,

    The following is our organisation's domain setup:

    Two servers (FDC1 and FDC2) in Forest-level domain
    Two servers (PDC1 and PDC2) in Domain-level domain

    i ran the netdom query fsmo on FD1 and PDC1, and the results are as follows:

    On FDC1
    Schema Owner                        
    Domain Role Owner                  
    PDC role                                    
    RID Pool manager                      
    Infrastructure Owner                

    On PDC1
    Schema Owner                         
    Domain Role Owner                  
    PDC role                                    
    RID Pool manager                      
    Infrastructure Owner                

    All servers are time sync but are 20 minutes earlier that the "actual" time ie the actual time is 9:00am whereas the servers are 9:20am.

    Will all the servers sync with FDC1's time automatically once i change it on the time/date properties? What are the gotchas that i should look out for?

    LVL 6

    Accepted Solution

    It sounds to me like the only thing you would need to do is to update the time on the NTP server.  The remaining machines will then sync up to the NTP server.

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Join & Write a Comment

    The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
    Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
    This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
    Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    16 Experts available now in Live!

    Get 1:1 Help Now