DC time and client sync time?

Not sure if my setup is good& For the clients to sync time with the domain controller I have the below line included I the logon script

REM Sync workstation time to domain controller...
net time \\dc1 /set /y

Also how do I check where is the domain controller(s) is getting the time from?

TITGAsked:
Who is Participating?
 
oBdAConnect With a Mentor Commented:
You can safely remove that line.
To start with, users don't have permissions to set the time anyway, and an AD domain already has a time sync in place: members will sync with the DC authenticating them, DCs will sync with PDC emulator, and you only need to set the PDCe to sync with an outside source.
To do so, run the following command:
w32tm /config /update /manualpeerlist:1.2.3.4,0x8 /syncfromflags:MANUAL
w32tm /resync
Replace 1.2.3.4 with the IP address of a time server geographically near you:
A list of the Simple Network Time Protocol (SNTP) time servers that are available on the Internet
http://support.microsoft.com/?kbid=262680

You can check the event log for events from source w32time to check whether the time is syncing correctly.
0
 
TITGAuthor Commented:

I will put the line below in a DC. The clients will sync automatically no GPO for that?
w32tm /config /update /manualpeerlist:208.184.49.129 /syncfromflags:MANUAL
w32tm /resync
I have two more DCs do I run the line in them to?
 
0
 
oBdACommented:
No GPO and no manual intervention (except for the PDCe) is usually necessary; Kerberos requires that the time difference between DC and clients is (reasonably) small.
Add the ,0x8 after the IP address, it tells the time service to run in client mode when querying the ntp server.
You only need to run this on the PDC emulator.
0
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

 
PberSolutions ArchitectCommented:
Along with the advice above,   We also leave that net time /set command in our logon scripts for one reason...  Laptops that sit on shelves for 6 months that have dead BIOS batteries.  The time is reset and it too far our of whack to correct using w32time.  The net time in the logon script gets them going again.
0
 
TITGAuthor Commented:
Ran command below didn't sync?
C:\>w32tm /resync
Sending resync command to local computer...
The computer did not resync because no time data was available.
0
 
PberConnect With a Mentor Solutions ArchitectCommented:
What computer did you issue the command on?
0
 
TITGAuthor Commented:
Used this instead...and it worked
w32tm /config /update /manualpeerlist:129.6.15.28,0x8 /syncfromflags:MANUAL
w32tm /resync
0
 
TITGAuthor Commented:

PDC checked event ID no error
 
0
 
oBdACommented:
Then you should be set. Note that an occasional failure of a time sync can happen--ntp is using UDP, after all. As long as there are successful time syncs, you can ignore the errors.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.