Solved

What is the best way to get all servers clock insync

Posted on 2011-02-10
3
335 Views
Last Modified: 2012-05-11
I manage 3 locations and all the servers have different clock times.  It's most annoying when a user logs on to Citrix and their computer clock is 3 minutes different than the Citrix server.  I'm using the net time  /setsntp:servername command but there's got to be a better way to this so they are all insync.
All locations have a 2008 DC
0
Comment
Question by:J.R. Sitman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 3

Accepted Solution

by:
pitchford earned 250 total points
ID: 34867422
On the PDC Emulator
To configure an external time source on the PDC emulator, execute the following command (pool.ntp.org, used here only as an example):
w32tm /config /manualpeerlist:pool.ntp.org /syncfromflags:MANUAL /update
Always restart the windows time service (w32time) when making any changes:
net stop w32time && net start we32time
To force synchronization with the external time source:
w32tm /resync
To verify the time source you just set:
w32tm /query /source

On Domain Members
To synch  a domain member server or workstation to the domain hierarchy, execute:
w32tm /config /update /syncfromflags:DOMHIER
restart W32Time Services:
net stop w32time && net start w32time
To verify time synchronization  is functioning:
w32tm /query /status

SOURCE: http://www.quantumofgeek.com/2010/03/time-synchronization-in-server-2003-and-2008-active-directory-domains/
0
 

Author Comment

by:J.R. Sitman
ID: 34867483
Can you clarify your example with exactly what I would use?  I'm guessing somewhere in the command should be our domain name?  laspca.corp
I obviously don't want to have to do this to every server and workstation.  If there a GPO?
0
 
LVL 21

Expert Comment

by:snusgubben
ID: 34871185
I like to use a GPO with a WMI filter to set the PDCe to use an external NTP, and let the domain hierarchy do the rest.

http://adfordummiez.com/?p=67

It's easy to configure, no extra work if you move the PDCe role to another DC, and it don't tattoo the registry.
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Let's recap what we learned from yesterday's Skyport Systems webinar.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question