Solved

Windows 2008 R2 -- configurng time source

Posted on 2010-09-07
6
1,285 Views
Last Modified: 2012-05-10
I've recently installed a new 2008 R2 DC in my previously all 2003 domain. I'm planning to transfer over the PDC Emualator role and researching best time management for domain.  The article http://support.microsoft.com/kb/816042  recommends to use a 'hardware source' and also reduce the time correction settings.  At first, I though they meant the hardware clock in the computer - but further research indicates that they may mean a separate atomic or gps clock placed on the network for just this purpose.  I don't find much on the topic of hardware clocks for the network? I realize I can alternately use a NIST external time source on the Internet -- which I somewhat leans towards - but want to do what is 'recommended'.  Can someone give me some advice?  Also, does any know an article about reducing time connection settings - and it this necessary?

Thanks
C Emmons
0
Comment
Question by:apsutechteam
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 20

Accepted Solution

by:
woolnoir earned 375 total points
ID: 33619341
you can use this guide to configure an external NTP server for your PDC emulator - it will ensure the time of the whole domain is as accurate as possible.

http://defaultreasoning.wordpress.com/2009/11/16/synchronize-time-with-external-ntp-server-on-windows-server-2008-r2/
0
 
LVL 20

Assisted Solution

by:woolnoir
woolnoir earned 375 total points
ID: 33619356
Its always general best practise to point the PDC externally, although internally you want everything to be on 'domain time' to ensure no authentication issues (which are time critical ) - you want to ensure that you are linked to an external source. This becomes especially important if you have any external links - and for services like email etc, as synced clocks make logging and auditing a lot more effective.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33619357
You should an external time source for your domain this is the standard since your internal hardware clock can get off time depending on the CMOS battery.

If you import this reg file into the system this will configure your system to use an external time source.

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23630502.html
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
LVL 20

Assisted Solution

by:woolnoir
woolnoir earned 375 total points
ID: 33619375
In addition to my two posts above, ensure that any firewall is set to allow the NTP protocol through to the addresses you add, ideally just add NTP > ALL , but you can lock this down more if required.
0
 
LVL 40

Assisted Solution

by:Adam Brown
Adam Brown earned 125 total points
ID: 33619422
Most hardware clocks will synchronize with the atomic clocks that are run by the government. The only advantage that having a hardware clock on your network has is the ability to maintain correct time without internet connectivity since they synchronize through . If you set up your PDC to communicate with the NIST or even Windows time servers, that will be sufficient for your needs. Gigantic networks with a large number of domains and a lot of time sync traffic going out of the network are the only ones who really need to worry about obtaining a specialized network time server. As for configuring the time settings, you'll probably want to handle this with the w32tm utility in the command prompt. An article on this utility is located here: http://technet.microsoft.com/en-us/library/cc773263%28WS.10%29.aspx
0
 

Author Closing Comment

by:apsutechteam
ID: 33889175
Thanks everyone.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question