Solved

Network time server on windows 2003

Posted on 2009-07-16
10
257 Views
Last Modified: 2012-05-07
The time on our domain server and clients kept drifting further from actual time. Short of routinely updating the time on the server, what can I do to fix this issue?

I've read a bit about network time server, as part of DHCP service. But there are a number of network time server option on the list. WHich one should I use? And which time server should I use? Do I need to pay for it?

Thank You
0
Comment
Question by:SW111
  • 3
  • 2
  • 2
  • +3
10 Comments
 
LVL 7

Expert Comment

by:kumarnirmal
ID: 24868382
HI,

If you are using "Active Directory Environment" then always the time will be taken from the PDC Emulator, can you please explain your setup
0
 
LVL 1

Expert Comment

by:alerisd
ID: 24868533
If you want to set an externa time source (the server have to connect to an internet NTS server) you can set it in this matter:
Configuring the Windows Time service to use an external time source
To configure an internal time server to synchronize with an external time source, follow these steps:
1.      Change the server type to NTP. To do this, follow these steps:
a.      Click Start, click Run, type regedit, and then click OK.
b.      Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
c.      In the right pane, right-click Type, and then click Modify.
d.      In Edit Value, type NTP in the Value data box, and then click OK.
2.      Set AnnounceFlags to 5. To do this, follow these steps:
a.      Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags
b.      In the right pane, right-click AnnounceFlags, and then click Modify.
c.      In Edit DWORD Value, type 5 in the Value data box, and then click OK.
3.      Enable NTPServer. To do this, follow these steps:
a.      Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
b.      In the right pane, right-click Enabled, and then click Modify.
c.      In Edit DWORD Value, type 1 in the Value data box, and then click OK.
4.      Specify the time sources. To do this, follow these steps:
a.      Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters
b.      In the right pane, right-click NtpServer, and then click Modify.
c.      In Edit Value, type Peers in the Value data box, and then click OK.

Note Peers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes made in step 5 will not take effect.
5.      Select the poll interval. To do this, follow these steps:
a.      Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
b.      In the right pane, right-click SpecialPollInterval, and then click Modify.
c.      In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

Note TimeInSeconds is a placeholder for the number of seconds that you want between each poll. A recommended value is 900 Decimal. This value configures the Time Server to poll every 15 minutes.
6.      Configure the time correction settings. To do this, follow these steps:
a.      Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxPosPhaseCorrection
b.      In the right pane, right-click MaxPosPhaseCorrection, and then click Modify.
c.      In Edit DWORD Value, click to select Decimal in the Base box.
d.      In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
e.      Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxNegPhaseCorrection
f.      In the right pane, right-click MaxNegPhaseCorrection, and then click Modify.
g.      In Edit DWORD Value, click to select Decimal in the Base box.
h.      In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
7.      Quit Registry Editor.
8.      At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:
net stop w32time && net start w32time

AS ntp server you can use time.windows.com or one of the thousand you can find searching in google.
Make attention to use regedit.
0
 

Author Comment

by:SW111
ID: 24868927
Oh wow..... didnt expect it to involve registry editing. Would you mind telling me why all these is needed? Why cant

we just select the service and input the ntp on the DHCP?

And to answer Kumarnirmal,  I am using Active directory.
0
 
LVL 1

Expert Comment

by:alerisd
ID: 24869247
A best practice in an active directory enviroment is to syncronize time between server and client. The client use the w32time service to take time from the domain server, and the PDC can be a server and a client itself. If you want to get a correct time from external ntp server, is a good solution to use w32time service on the server to do this. The configuration you are talking about is on linux/unix system, not in windows enviroment.
0
 

Author Comment

by:SW111
ID: 24869364
Ah? I'd rather not involve linux/unix systems here as our network is mostly running on microsoft. So the question now is: how do I go about doing this?
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 2

Expert Comment

by:CPAsAdmin
ID: 24869867
On the DC command prompt enter
NET TIME /setsntp:public_ntp_server
w32tm /RESYNC
This will config the pdc to sync with an external time source and resync the clock with that time source.
You can get an address for a public ntp server by searching the web for secondary stratum ntp servers.
Config the clients to sync their clocks with the PDC
 
0
 
LVL 20

Expert Comment

by:MightySW
ID: 24870117
FYI, The DC that you enter this command on needs to hold the PDC emulator operations role.  If this is your only domain controller then it already is.  If not then you need to open up, ADUC, right click on ADUC and select all tasks, operations masters and then click on the PDC tab to see which DC is the PDCe.

Thanks
0
 
LVL 1

Expert Comment

by:alerisd
ID: 24870539
The net time command is correct, the result is the same that write it on the registry, and restart w32tm, bat if you don't know the other setting of your server the command could not work fine.
0
 
LVL 20

Expert Comment

by:MightySW
ID: 24870566
what?
0
 
LVL 38

Accepted Solution

by:
ChiefIT earned 250 total points
ID: 24870718
Guys/Gals:

The problem with the standard procedure of setting up an outside time server for time is it's often blocked by a firewall. Though these lines should work, you have to drop your Time port for them to work.

NET TIME /setsntp:public_ntp_server
w32tm /RESYNC

To overcome that problem, download a FREE utility called "SYMMTIME" on your PDCe. That uses port 80 to synchronize your PDCe to a list of outside Time servers. Once your PDCe is synchronized, your clients will follow suit only if they go outside the 5 minute phase offset.

The phase offset is a couple registry flags that will determine if any nodes go +/- five minutes of the PDCe. In other words, your clients and servers on this domain will only synchronize if it goes out of a 5 minute window of the PDCe.

While downloading SYMMTIME you may also wish to check on another Free utility called LMcheck. This gives a list of computers and their times on your LAN.

Symmtime and LMcheck were designed and provided by Symmetricom, (a time server manufacturer).

0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now