Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows NTP Configuratuon using VMWare Hosts

Posted on 2011-02-23
5
Medium Priority
?
783 Views
Last Modified: 2012-05-11
Could someone please confirm if this configuration is correct?

We have all our servers hosted within VMWare, and all workstations connect via GPO from the main DC...

Regards,
Michael Caldecott     NTP-Drawing.pdf
0
Comment
Question by:Excel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 28

Expert Comment

by:bgoering
ID: 34960120
Don't do both. Sync your ESX servers with a public NTP server, your domain controller can sync with the ntp server or with an external source. All servers and workstations sync with the dc and uncheck the sync with esx box.
0
 
LVL 28

Expert Comment

by:bgoering
ID: 34960134
0
 
LVL 40

Expert Comment

by:coolsport00
ID: 34960205
Concur with "bgoering". Configure an ATS (auth time srvr) in your domain (no group policy needed) to get its time from an external source. Configure it on a DC preferably (see this MS KB: http://support.microsoft.com/kb/816042/). Time sync will propagate to the other DCs in your org. Then, configure NTP on your ESX/i hosts to sync with the ATS in your domain. Last, make sure VMware Tools on all your VMs have the time sync with host UNCHECKED. They will get time from the DC they authenticate against.

Hope that helps.

Regards,
~coolsport00
0
 

Author Comment

by:Excel
ID: 34960283
bgoering:

I already have the following setup, ESX hosts sync with public NTP, all VMWare systems sync with VM tools... My confusion is; as we use GPO NTP which points to our DC, do I un-tick the VM tools for those connected too the DC GPO?

And for all (non-domain connected systems) do I enable the VM tools time sync within these images?

Regards,
M
0
 
LVL 28

Accepted Solution

by:
bgoering earned 2000 total points
ID: 34966466
Yes, that is workable and the only trick to remember is to never sync with both the ESX host through vmware tools AND other methods such as your GPO NTP. If all your servers are virtual as you indicate then sync your DC that holds the PDC role either through VMware tools with the host, or directly to public time servers (remembering if you go to public servers, don't sync this one with ESX either) - it doesn't make a lot of difference which. Then make sure none of your other windows boxes are syncing with ESX - let them all pull the time from the DC infrastructure.

The biggest rule is don't do both on anything as they can end up fighting a bit over who is correct and you will have small corrections either way going on all the time.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I will show you HOW TO: Install VMware Tools for Windows on a VMware Windows virtual machine on a VMware vSphere Hypervisor 6.5 (ESXi 6.5) Host Server, using the VMware Host Client. The virtual machine has Windows Server 2016 instal…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Teach the user how to configure vSphere Replication and how to protect and recover VMs Open vSphere Web Client: Verify vsphere Replication is enabled: Enable vSphere Replication for a virtual machine: Verify replicated VM is created: Recover replica…
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question