• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 736
  • Last Modified:

What are the best practices for the properly configuring NTP in a Windows 2000/2003 Environment

I'm in a Windows 2000/2003 domain. In addition I have a dmz environment that contains mostly Windows 2000/2003 servers and a couple Solaris Web servers and a DR ennvironment containing mostly windows 2003 servers and a couple of Solaris Web servers. What is the best practices approach and design to the proper configuration of NTP?
0
cheyliger
Asked:
cheyliger
  • 5
  • 2
1 Solution
 
surbabu140977Commented:
I have a sketchy memory of this having been done a long time back. But in short, you need to install Windows time service and configure PDC master to use either internal or external source. The list of external stratum1/2 servers are located below.
http://support.microsoft.com/kb/262680

The below link is actually describing how you can use the PDC as the authorative one using either internal CMOS or external source.
http://support.microsoft.com/kb/816042

I am not a SUN person, but you can definitely configure them to use your PDC as the NTP source like the windows clients.

Best,


0
 
surbabu140977Commented:
If your env is large then you might consider using/installing ntpd for windows/linux. That should bring down the time correction within 35 ms.

Best,
0
 
cheyligerAuthor Commented:
Thank you, Subabu140 for your suggestions but, when I inquired about best practises for configuring NTP I'm looking for what is the accepted standard approach  to set up and configuring it, such as is it best to use pool time servers as opposed to a couple of non pool ones or govt time servers as opposed to non govt ones. Also, my env is small so using or installing ntpd for windows /linux may not be option.
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
surbabu140977Commented:
I would generally configure 1 server internally to point to an external source e.g pool.ntp.org. The rest of the clients should point to that internal server. That should suffice and not a bad practice at all. :)

For ONLY windows or AD environement Microsoft authorative times servers should have been enough. (http://community.spiceworks.com/education/projects/Microsoft_Authoritative_Time_Servers)

below is just an alternate suggestion. (for a mix of windows/non-windows env)

Installing one non-windows (sun/linux) time server and have ALL your  devices synchronize with these Linux Time Servers. This would simply add another Stratum to the whole configuration, by which i mean, do not configure the workstations themselves to hit your Linux Time Server, but rather point your Active Directory server(s) to your internal Linux Time Server, which will allow the workstations to continue to use default dependencies on their Domain Controller(s) time configuration(s).


Best,


0
 
surbabu140977Commented:
To exactly answer your question, I always prefer the pool.

Best,
0
 
surbabu140977Commented:
And as a FYI,  there is no benefit to using specific servers over pool servers, unless you know you're really really close to one. Every single one of them is synched to a high-tiered server, and can be considered quite accurate.
0
 
cheyligerAuthor Commented:
I actually wanted to use Surbabu140 first comment as the complete answer but I mistakingly clicked on the one that is highlighted "green" and the system wont allow me to correct it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now