• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2885
  • Last Modified:

How do I get server time from my firewall?

I support a Windows AD domain: 1- Win 2003 Enterprise srvr, 1- Windows 2003 Std server, 35 workstations xp, vista, win7, one Sonicwall TZ210W firewall

I setup my firewall to get time from internet timeservers. Now how do I set my Windows 2003 Enterprise server (which is the PDC Emulator) to get time from the Sonicwall?

My sonicwall has an IP of 192.168.1.254
0
Tony Giangreco
Asked:
Tony Giangreco
  • 5
  • 5
1 Solution
 
thiagotietzeCommented:
TG-TIS

The best way to do it, is to estrictly follow this KB from Microsoft:
http://support.microsoft.com/kb/816042/en-us
0
 
ShareefHuddleCommented:
Unless they came out with a new OS, a sonicwall tz210 is not a NTP server. You can setup you server to sync outside though.

Follow this link: http://technet.microsoft.com/en-us/library/cc784553(WS.10).aspx
0
 
thiagotietzeCommented:
Resuming a little:

--    Change the server type to NTP. To do this, follow these steps:
-        Click Start, click Run, type regedit, and then click OK.
-        Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
-        In the right pane, right-click Type, and then click Modify.
-        In Edit Value, type NTP in the Value data box, and then click OK.
--    Set AnnounceFlags to 5. To do this, follow these steps:
-        Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags
-        In the right pane, right-click AnnounceFlags, and then click Modify.
-        In Edit DWORD Value, type 5 in the Value data box, and then click OK.
--    Enable NTPServer. To do this, follow these steps:
-       Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
-        In the right pane, right-click Enabled, and then click Modify.
-        In Edit DWORD Value, type 1 in the Value data box, and then click OK.
--    Specify the time sources. To do this, follow these steps:
-        Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters
-        In the right pane, right-click NtpServer, and then click Modify.
-        In Edit Value, type Peers in the Value data box, and then click OK.

        Note Peers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes made in step 5 will not take effect.
    Select the poll interval. To do this, follow these steps:
        Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
        In the right pane, right-click SpecialPollInterval, and then click Modify.
        In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

        Note TimeInSeconds is a placeholder for the number of seconds that you want between each poll. A recommended value is 900 Decimal. This value configures the Time Server to poll every 15 minutes.
    Configure the time correction settings. To do this, follow these steps:
        Locate and then click the following registry subkey:
        HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxPosPhaseCorrection
        In the right pane, right-click MaxPosPhaseCorrection, and then click Modify.
        In Edit DWORD Value, click to select Decimal in the Base box.
        In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

        Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
        Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\MaxNegPhaseCorrection
        In the right pane, right-click MaxNegPhaseCorrection, and then click Modify.
        In Edit DWORD Value, click to select Decimal in the Base box.
        In Edit DWORD Value, type TimeInSeconds in the Value data box, and then click OK.

        Note TimeInSeconds is a placeholder for a reasonable value, such as 1 hour (3600) or 30 minutes (1800). The value that you select will depend upon the poll interval, network condition, and external time source.
    Quit Registry Editor.
    At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:
    net stop w32time && net start w32time
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
thiagotietzeCommented:
After all this, dont forget to verify the configurations by using

w32tm /monitor

and to verify the other domain controllers (the PDC FSMO one will be the master) doing:

w32tm /resync /rediscover
0
 
Tony GiangrecoAuthor Commented:
Hi thiagotietze:

I tried your solution and started receiving these messages in the system event log:
The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible.  No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time.
0
 
Tony GiangrecoAuthor Commented:
I ran the two commands. Here is the output:
Microsoft Windows [Version 5.2.3790] (C) Copyright 1985-2003 Microsoft Corp.

C:\>w32tm /monitor
hpm1.xxxx.ads [192.168.1.2]:
    ICMP: 0ms delay.
    NTP: +21.2220951s offset from hpm3.xxxx.ads
        RefID: time.nist.gov [192.43.244.18]
hpm3.xxxx.ads *** PDC *** [192.168.1.4]:
    ICMP: 0ms delay.
    NTP: +0.0000000s offset from hpm3.xxx.ads
        RefID: 'LOCL' [76.79.67.76]

C:\>
C:\>w32tm /resync /rediscover
Sending resync command to local computer...
The computer did not resync because no time data was available.

C:\>
0
 
thiagotietzeCommented:
The services have been restarted with sucess?
If yes, try to unregister and re-register the service....

net stop w32time

w32tm /unregister
w32tm /register

net start w32time


If not works yet, are you able to restart the server?
0
 
Tony GiangrecoAuthor Commented:
I just ran that with no errors, but this came into the system log:

Event Type:      Warning
Event Source:      W32Time
Event Category:      None
Event ID:      12
Date:            11/9/2010
Time:            3:19:16 PM
User:            N/A
Computer:      HPM3
Description:
Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source.  It is recommended that you either configure a reliable time service in the root domain, or manually configure the PDC to synchronize with an external time source.  Otherwise, this machine will  function as the authoritative time source in the domain hierarchy.  If an external  time source is not configured or used for this computer, you may choose to disable  the NtpClient.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
thiagotietzeCommented:
yes, it is just informing that this machine will assume as an authoritative server...

It is working :-)
0
 
Tony GiangrecoAuthor Commented:
I'm still getting the same w32 errors as before.
0
 
Tony GiangrecoAuthor Commented:
thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

  • 5
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now