Solved

DC time is slow - 15 seconds = 28 seconds, causing havok on entire domain

Posted on 2010-09-16
7
581 Views
Last Modified: 2012-05-10
The PDC DC in the domain has since yesterday started having the clock run slow. Example - 15 seconds is really 28 seconds. We have removed the updates that were applied just before this all happened, first we applied the updates of the 15th (we release them in batches), then all this happened. so the next day we applied to apply the system updates, and we hoped it would correct the ntp issue from the night before  -
on the 15th (these are mostly IE updates)
976662
971961
982632
981332
on the 16th (these are mostly Win updates)
2121546
2347290
982802
2259922
981322
981550
975558
2141007

We have set the clock to an external source at University of Toronto but as it sync's the clock is still running slow. This DC is a VM so it shouln't be the BIOS battery is dieing.


0
Comment
Question by:keystonetech
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 5

Expert Comment

by:ewkelly
ID: 33693047
Look at the bios of the machine that the vm is running on.
 
0
 
LVL 28

Expert Comment

by:bgoering
ID: 33693131
More info please. Windows version? Virtualization platform (ESX, VMware Server, Hyper-V, etc)
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 33695085
I had problems when running MS Virtual Server 2005 R2 and it did the same thing you describe. It really sounds like the virtualization layer. I suggest looking for patches, and reboot the host machine.
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 
LVL 38

Expert Comment

by:ChiefIT
ID: 33703321
most firewalls will block the port needed to synchronize from broadcasted time.

Instead, I use Symmtime on the PDCe in order to synch with an outside time server...

Symmtime uses port 80 instead of port 123 for time synchronization.

Symmtime was created by Symmetricom, and they make Time servers (like atomic clocks, and GPS servers) for network time. The utility is SUPER easy to configure. Also, Symmetricom has a second utility called LMcheck. This checks your domain computers to see how out of synch they are with the PDCe.

I recommend both utilities.

http://www.symmetricom.com/resources/downloads/symmtime/
0
 
LVL 16

Accepted Solution

by:
danm66 earned 500 total points
ID: 33704805
if you have multiple hosts and have vmotioned the vm at all, you might try powering down the vm completely and then powering it back on.  doing a restart or reset won't do the same job...you need to completely destroy the world that vm lives within.  I have heard of an occaisional issue with timing getting messed up after a vmotion and if you have DRS it could have been migrated without you knowing it.

Also, the global recommendation from VMware is that you use external time synchronization and not rely on VMware tools to do your time sync, so make sure that you can use NTP or another utility to keep your DC's time up to date.
0
 

Author Comment

by:keystonetech
ID: 33704902
0
 

Author Comment

by:keystonetech
ID: 33704907
Thanks to everyone for being prompt and helping - danm66 you were very close
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question