Solved

NTP windows 2003 ad

Posted on 2010-09-15
6
508 Views
Last Modified: 2012-05-10
Hi,
   I have had alot of issue with ntp in the domain. I have resolved alot of the issues but i am getting the following behaviour which seems a bit strange to me

i changed the time on the pdc server for a test of everything syncing of it. On some servers this time will change automatic no manual intervention but on others and client machines you have to force sync i.e
w32tm /resync
Once you manual enter this command it will go to the pdc and get the time off the pdc fine but why is not doing in automatically  manual intervention on some servers and on client while on others it is ok???

any suggestions?


Thks,

Eoghan  
0
Comment
Question by:BarepAssets
6 Comments
 
LVL 9

Expert Comment

by:Tomas Valenta
ID: 33680428
try on workstations running this:
w32tm /config /syncfromflags:domhier /update
net stop w32time
net start w32time
0
 
LVL 12

Expert Comment

by:Rant32
ID: 33680512
A manual NTP peer was probably configured on the clients. If that is the case, then

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type

is set to the value 'NTP' which should be Nt5DS.

To reset Windows 2003 and XP to domain time synchronization, enter this (nothing after the colon):

net time /setsntp:
The command completed successfully.

That also changes the W32Time synchronization type to Nt5DS, which is correct for domain clients. Ideally, only the PDC is set to NTP type with manual NTP peer.

To verify, type

net time /querysntp
This computer is not currently configured to use a specific SNTP server.
0
 

Author Comment

by:BarepAssets
ID: 33681383
hi a manual peer was configured i reset this and when i do net time /querysntp get the above no specfic sntp server also i done  the domain hierachy command and restarted the service still the same if i type resync it works but does not work auto

 
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 12

Accepted Solution

by:
Rant32 earned 500 total points
ID: 33681537
Are you forcibly setting the wrong time on the client to test your time synchronization? That doesn't work.

Depending on the configuration of the time service and the time difference, the background clock synchronization will not make time jumps like it does with a manual sync. Instead, the time is skewed slowly until it's close to the source.

Source: How the Windows Time Service Works
http://technet.microsoft.com/en-us/library/cc773013%28WS.10%29.aspx

Instead, look for Information Event ID 35 in the System event viewer to see if clients are receiving time from the domain controller. If you see Info Event 35, your time sync is fine.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 33682018
Time will not update automatically at the same time on all systems.

Run w32tm /resync /rediscover on the clients you think you are having issues with if they update you are good to go.
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 33690463
also with a /nowait option with resync rediscover

rant32 is correct on time skew to the source.

if your event logs indicate that time sync is happening the rest will work
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Learn about cloud computing and its benefits for small business owners.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now