germano
asked on
Synchronize workstations' time with DC
Hi!
We have a network with a Windows Server 2003 Domain Controller and Windows XP workstations. The workstations on the network should synchronize the date and time with it, but that is not happening. I followed the steps in the site "http://support.microsoft.com/?scid=kb%3Ben-us%3B816042&x=13&y=12" but the problem persists. The command "net time \\server /set /yes" works fine, but it's not practical, beside the users should have access to change date and time on the workstation, I do not want to.
The Windows Time Service works fine in both server and workstations, but when I run "w32tm /resync" on the workstation I get the message: "The computer does not Resync because there was no time data available".
Where is the problem? Any clues?
Thaks!
We have a network with a Windows Server 2003 Domain Controller and Windows XP workstations. The workstations on the network should synchronize the date and time with it, but that is not happening. I followed the steps in the site "http://support.microsoft.com/?scid=kb%3Ben-us%3B816042&x=13&y=12" but the problem persists. The command "net time \\server /set /yes" works fine, but it's not practical, beside the users should have access to change date and time on the workstation, I do not want to.
The Windows Time Service works fine in both server and workstations, but when I run "w32tm /resync" on the workstation I get the message: "The computer does not Resync because there was no time data available".
Where is the problem? Any clues?
Thaks!
Also make sure you have configured these settings from the link you provided:
To configure an internal time server to synchronize with an external time source, follow these steps:
1. Change the server type to NTP. To do this, follow these steps:
1. Click Start, click Run, type regedit, and then click OK.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
3. In the right pane, right-click Type, and then click Modify.
4. In Edit Value, type NTP in the Value data box, and then click OK.
2. Set AnnounceFlags to 5. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click AnnounceFlags, and then click Modify.
3. In Edit DWORD Value, type 5 in the Value data box, and then click OK.
3. Enable NTPServer. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click Enabled, and then click Modify.
3. In Edit DWORD Value, type 1 in the Value data box, and then click OK.
4. Specify the time sources. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click NtpServer, and then click Modify.
3. In Edit Value, type Peers in the Value data box, and then click OK.
Note Peers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes made in step 5 will not take effect.
5. Select the poll interval. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click SpecialPollInterval, and then click Modify.
3. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.
Note TimeInSeconds is a placeholder for the number of seconds that you want between each poll. A recommended value is 900 Decimal. This value configures the Time Server to poll every 15 minutes.
6. Configure the time correction settings. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click MaxPosPhaseCorrection, and then click Modify.
3. In Edit DWORD Value, click to select Decimal in the Base box.
4. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.
Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
5. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\
6. In the right pane, right-click MaxNegPhaseCorrection, and then click Modify.
7. In Edit DWORD Value, click to select Decimal in the Base box.
8. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.
Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
7. Quit Registry Editor.
8. At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:
net stop w32time && net start w32time
To configure an internal time server to synchronize with an external time source, follow these steps:
1. Change the server type to NTP. To do this, follow these steps:
1. Click Start, click Run, type regedit, and then click OK.
2. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
3. In the right pane, right-click Type, and then click Modify.
4. In Edit Value, type NTP in the Value data box, and then click OK.
2. Set AnnounceFlags to 5. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click AnnounceFlags, and then click Modify.
3. In Edit DWORD Value, type 5 in the Value data box, and then click OK.
3. Enable NTPServer. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click Enabled, and then click Modify.
3. In Edit DWORD Value, type 1 in the Value data box, and then click OK.
4. Specify the time sources. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click NtpServer, and then click Modify.
3. In Edit Value, type Peers in the Value data box, and then click OK.
Note Peers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes made in step 5 will not take effect.
5. Select the poll interval. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click SpecialPollInterval, and then click Modify.
3. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.
Note TimeInSeconds is a placeholder for the number of seconds that you want between each poll. A recommended value is 900 Decimal. This value configures the Time Server to poll every 15 minutes.
6. Configure the time correction settings. To do this, follow these steps:
1. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\
2. In the right pane, right-click MaxPosPhaseCorrection, and then click Modify.
3. In Edit DWORD Value, click to select Decimal in the Base box.
4. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.
Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
5. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\
6. In the right pane, right-click MaxNegPhaseCorrection, and then click Modify.
7. In Edit DWORD Value, click to select Decimal in the Base box.
8. In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.
Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
7. Quit Registry Editor.
8. At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:
net stop w32time && net start w32time
check the time zone on your workstations and make sure that its the same s your server, also start and stop the w32time service on the server after applying the above mentioned steps . then try to resync your workstations.
HI check the links below links for the time sync issue
Hope this could help you
https://www.experts-exchange.com/questions/22535321/Active-Directory-and-Time-Sync-w32time-Service.html
https://www.experts-exchange.com/questions/21379402/Windows-Time-Problems.html
https://www.experts-exchange.com/questions/24698725/Time-Sync-not-working.html
Good Luck
Cheers,
Prem
Hope this could help you
https://www.experts-exchange.com/questions/22535321/Active-Directory-and-Time-Sync-w32time-Service.html
https://www.experts-exchange.com/questions/21379402/Windows-Time-Problems.html
https://www.experts-exchange.com/questions/24698725/Time-Sync-not-working.html
Good Luck
Cheers,
Prem
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
ukznmcl, ChandarS and premglitz,
I double checked the instructions in "http://support.microsoft.com/kb/816042" but does not work.
Aswering your questions:
1. I wnat to configure my PDC to sync to an external time source (actually our proxy, a linux machine) and configure it as an authorative time source.
2. If I perform w32tm /resync on my PDC it said: "The computer did not resync because no time data was available." The same message is displayed on the workstations.
3. I double checked the steps in "http://support.microsoft.com/kb/223184" (the same was written by ukznmcl) on PDC, but still does not work.
4. The time zones on my PDC and Workstations are the same.
Perhaps there is a conflict between the GPO and W32Time registry entries. But I do not know what would be.
The scenario:
My PDC must to synchronize time with an external source and the workstations must synchronize the time automatically by the PDC, but none of these tasks is working.
We have a lot of workstations, we can not configure all manually.
Any further help?
Thanks.
I double checked the instructions in "http://support.microsoft.com/kb/816042" but does not work.
Aswering your questions:
1. I wnat to configure my PDC to sync to an external time source (actually our proxy, a linux machine) and configure it as an authorative time source.
2. If I perform w32tm /resync on my PDC it said: "The computer did not resync because no time data was available." The same message is displayed on the workstations.
3. I double checked the steps in "http://support.microsoft.com/kb/223184" (the same was written by ukznmcl) on PDC, but still does not work.
4. The time zones on my PDC and Workstations are the same.
Perhaps there is a conflict between the GPO and W32Time registry entries. But I do not know what would be.
The scenario:
My PDC must to synchronize time with an external source and the workstations must synchronize the time automatically by the PDC, but none of these tasks is working.
We have a lot of workstations, we can not configure all manually.
Any further help?
Thanks.
Try to remove/temp disable the GP from Domain Controller OU.
Check with rsop.msc on DC which other time policy is applied on the Doman Controller OU.
Wait for some time to apply GP on the server.
If poosible try to share th result.
Regards,
Chandar Singh
Check with rsop.msc on DC which other time policy is applied on the Doman Controller OU.
Wait for some time to apply GP on the server.
If poosible try to share th result.
Regards,
Chandar Singh
ASKER
ChandarS,
I ran rsop.msc and I saw that in both PDC and workstations, in "Computer Configuration-> Administrative Templates-> System-> Windows Time Service" the policie "Global Configuration Settings" and in "-> Time Providers" the polices "Enable Windows NTP Client," and "Configure Windows NTP Client" are all enabled. The article http://support.microsoft.com/kb/929276 tells me to set "Not Configured" in all these policies. Should I do this on both PDC and workstations?
Regards,
Germano.
I ran rsop.msc and I saw that in both PDC and workstations, in "Computer Configuration-> Administrative Templates-> System-> Windows Time Service" the policie "Global Configuration Settings" and in "-> Time Providers" the polices "Enable Windows NTP Client," and "Configure Windows NTP Client" are all enabled. The article http://support.microsoft.com/kb/929276 tells me to set "Not Configured" in all these policies. Should I do this on both PDC and workstations?
Regards,
Germano.
no what u have to do is to create a group policy with the configuration you mentioned above and link this group policy to the OU having your computers object, the same should be done for you default domain controler policy which is holding the PDC emulator role.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Sorry, elawad,
1. I do not understand. I must create a new GP setting to "Not Configured" or "Enable" in all options mentioned?
2. Should I link the GP to the OU having my computer and the OU having my DC?
Currently I already have a GP set to "Enable" in all options mentioned above linked to computers and DC's OU. In fact these settings are in the Default Domain Policy which is applied to all my computers, including DCs.
Regards,
Germano.
1. I do not understand. I must create a new GP setting to "Not Configured" or "Enable" in all options mentioned?
2. Should I link the GP to the OU having my computer and the OU having my DC?
Currently I already have a GP set to "Enable" in all options mentioned above linked to computers and DC's OU. In fact these settings are in the Default Domain Policy which is applied to all my computers, including DCs.
Regards,
Germano.
yes that is true the same group polciy the default domain one should be applied but with the not configured instead of the enabeled option. and also the default domain controller policy you should apply the same on it.
N.B: you DC shoudnt be on the same ou as your computers they should be by default in ou called domaincontrollers and the policy applied on them should be "Deafult domain controller policy" not default domain policy.
N.B: you DC shoudnt be on the same ou as your computers they should be by default in ou called domaincontrollers and the policy applied on them should be "Deafult domain controller policy" not default domain policy.
Try to remove the Windows Time Group Policy for temp basis and check issue is still exits.
ASKER
Yes elawad, its true. The policy applied on DC is "Deafult domain controller policy" (with the "not configured") but the Default Domain Policy (with the "enable") is applied on my domain (root) and Domain Controllers OU is bellow in the hierarchy. Therefore,
My computers are within the Computers OU. I think is not possible apply a GP exclusively on that OU.
I will try to remove the Windows Time Group Policy to all computers, but I think the problem will continue on the workstations.
Regards,
Germano.
My computers are within the Computers OU. I think is not possible apply a GP exclusively on that OU.
I will try to remove the Windows Time Group Policy to all computers, but I think the problem will continue on the workstations.
Regards,
Germano.
ASKER
Hi,
I set "Not Configured" on the Default Group Policy to all computers, then I ran the gpupdate /force.
The command w32tm /resync /rediscover now works but, some workstations do not synchronize automatically. For them, I had to remove from domain and put tehm back to work the synchronism.
Now I think it's working. I'll observe for a few more days.
Regards,
Germano
I set "Not Configured" on the Default Group Policy to all computers, then I ran the gpupdate /force.
The command w32tm /resync /rediscover now works but, some workstations do not synchronize automatically. For them, I had to remove from domain and put tehm back to work the synchronism.
Now I think it's working. I'll observe for a few more days.
Regards,
Germano
ok at last good news buddy :)
ASKER
The Domain Controler and SOME workstations synchronize now. But I think the other workstations do not synchronize the time because of another problem in GPs, because, I noticed that other policies are not being applied.
Also you mentioned that the workstations should sync date and time. That is not true, they only sync time, not date.