Solved

NTP time setup help

Posted on 2011-09-06
23
1,336 Views
Last Modified: 2012-05-12
Hi Guys, getting some NTP errors on my PDC which I can't seem to fix and impacting client machines - error id 29 "The time provider NTPClient is configured to aquire time from one or more source, however non of the source are currently available"

Thanks
0
Comment
Question by:jovonn
  • 9
  • 5
  • 4
  • +4
23 Comments
 
LVL 11

Expert Comment

by:Coast-IT
ID: 36488437
0
 
LVL 13

Expert Comment

by:marine7275
ID: 36488626
Check out this article:
http://support.microsoft.com/kb/816042
0
 
LVL 8

Expert Comment

by:Amitabh Singh
ID: 36488672
To resolve this problem, configure Windows Time to use client mode when it synchronizes with the time server. To do this, follow these steps:

   1. Click Start, click Run, type cmd, and then press ENTER.
   2. At the command prompt, type the following commands in the order that they are given. After you type each command, press ENTER.
          * w32tm /config /manualpeerlist:NTP_server_IP_Address,0x8 /syncfromflags:MANUAL
          * net stop w32time
          * net start w32time
          * w32tm /resync
======================================
http://support.microsoft.com/kb/875424
0
 
LVL 1

Author Comment

by:jovonn
ID: 36488796
This was setup on a different PDC which after a lengthy service was de-commissioned - all fsmo roles were deployed to the BDC and the promoted as the PDC. We now have a different BDC server running split scope DNS/DHCP

For UK Time would the following be sufficient as I am unsure which time source to use

W32tm /config /manualpeerlist:<uk.pool.ntp.org> /syncfromflags:manual

Thanks

0
 
LVL 1

Author Comment

by:jovonn
ID: 36489501
Guy's thanks for the links can anyone give me actual dns or IP details to use. Can the ntp details be setup in a config file instead just out of interest?
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 36489503
Hi Jovonn.
I would recommend that you set up two external providers for redundancy & make sure that they are at least tier2.  You may also have to check your other DC's to ensure that they are setup as type NT5DS & not NTP. I would also recommend that you use the IP addresses and not the FQDNs of the external time servers. Depending on the size of your organisation & the sensitivity of the apps, you may want to do this after hours - I have seen apps do some odd things if a timestamp reports a time earlier than the previous entry.
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 36489518
Jovonn, who is your ISP - they should be able to provide you with details for their own NTP server.

Here's one list:
http://www.timetools.co.uk/ntp-servers/ref/ntp-server-uk.htm
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 36489537
Sorry, one other note:
You need to use the server FQDN, which is 0.uk.pool.ntp.org, NOT uk.pool.ntp.org.
0
 
LVL 1

Author Comment

by:jovonn
ID: 36489718
Thanks for your responses

i'm using

W32tm /config /manualpeerlist:0.uk.pool.ntp.org,0x8 /syncfromflags:manual

net stop w32time && net start w32time

net w32tm

w32tm /resync

this gives me the computer did not resync because no time data was available?






0
 
LVL 8

Expert Comment

by:Amitabh Singh
ID: 36489798
use fallowing

1st try to ping 0.uk.pool.ntp.org or 77.75.105.169 if its pingable then do the fallowing

w32tm /config /manualpeerlist:77.75.105.169,0x8 /syncfromflags:MANUAL
net stop w32time
net start w32time
w32tm /resync


in case if its not work try to disable windows firewall or other firewall  and then try to resync again , check if NTP protocol is permit in your network
0
 
LVL 1

Author Comment

by:jovonn
ID: 36489956
Pinging works fine. Changing to the above value to IP still causes the same problem

computer did not resync because no time data was available

BTW we are not using a GPO for time updates...I don't think NTP is blocked - windows server 2003 is not using a firewall. Web traffic is working fine on port 80 of firewall. There is no internal filter stopping UDP123?
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 13

Expert Comment

by:rhinoceros
ID: 36493074
>>There is no internal filter stopping UDP123?
First, ensure your firewall port NTP 123 is opened to the "internet".

And then try it...

For example: Assigned PDC to NTP server, now sync with time.windows.com
*** NTP server
>>Type the following command to configure the PDC emulator and then press ENTER:
w32tm /config /manualpeerlist:peers /syncfromflags:manual /reliable:yes /update

With "peers" you can set the time source, either DNS name (time.windows.com) or an ip address from a reliable time source.

Here you can find some of them:
http://www.pool.ntp.org/

>>Then type the command to establish the connection
w32tm /resync /rediscover.

>>Further checking... (now you are able to see the sync connection has been established)
w32tm /monitor
w32tm /monitor / computers:xxx.xxx.xxx.xxx (NTP server)


*** Client servers and desktop
>>To configure a client computer for automatic domain time synchronization
w32tm /config /syncfromflags:domhier /update

After that run:
net stop w32time
net start w32time
0
 
LVL 1

Author Comment

by:jovonn
ID: 36494629
I've tried evrything that has been suggested here and I still cant get this thing to work

still getting the following message

computer did not resync because no time data was available

same Event Id 29
0
 
LVL 16

Accepted Solution

by:
vivigatt earned 500 total points
ID: 36495102
You should try to diagnose your issue.
At first, can your computer actually do NTP?
Use a tool with an interface.
I would use this one:
http://www.timesynctool.com/

Download, install. Do not install the service by now.
Run it: there is an icon in the status bar.
click teh icon.
Open the settings.
Change the NTP servers to be your preferred ones
Click "update now".
If it can get the time, then you do not have any NTP issue per se, the issue must then be in win32time configuration.

Here is my own w32ime config:
C:\>w32tm /dumpreg

Value Name         Value Type          Value Data

Description        REG_SZ              Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

DisplayName        REG_SZ              Windows Time
ErrorControl       REG_DWORD           1
Group              REG_SZ
ImagePath          REG_EXPAND_SZ       %SystemRoot%\System32\svchost.exe -k netsvcs
Objectname         REG_SZ              LocalSystem
Start              REG_DWORD           2
Type               REG_DWORD           32
FailureActions     <UNKNOWN REG TYPE>  <UNPARSABLE REG DATA>


C:\>w32tm /dumpreg /subkey:parameters

Value Name      Value Type          Value Data
--------------------------------------------------------------------

ServiceMain     REG_SZ              SvchostEntry_W32Time
ServiceDll      REG_EXPAND_SZ       C:\WINDOWS\system32\w32time.dll
NtpServer       REG_SZ              fr.pool.ntp.org,0x1
Type            REG_SZ              NTP


On some other computers where NTP client is set with policies (gpcedit.msc or domain GPO), I have the following settings:
NTP servers: fr.pool.ntp.org,0x9 pool.ntp.org,0x9 ntp.cnam.fr,0x9
Type: AllSync


Also, check the following articles:
http://technet.microsoft.com/en-us/library/cc749145%28WS.10%29.aspx
(here you can read that:
Setting Name and Effect       Default Setting

NtpServer: Establishes a space-delimited list of peers from which a computer obtains time stamps consisting of one or more DNS names or IP addresses per line. Computers connected to a domain must synchronize with a more reliable time source, such as the official U.S. time clock. This setting is used only when Type is set to NTP or AllSync.
0x01 SpecialInterval
0x02 UseAsFallbackOnly
0x04 SymmetricActive
0x08 NTP request in Client mode

Note that these values can be added. 0x9 means SpecialInterval and NTP request in Client mode

)

Check also the following article
http://support.microsoft.com/kb/816042

0
 
LVL 1

Author Comment

by:jovonn
ID: 36496304
I ran the tool and it appears to be getting the time from the external source

here is the dump files

Value Name         Value Type          Value Data
----------------------------------------------------

Description        REG_SZ              Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

DisplayName        REG_SZ              Windows Time
ErrorControl       REG_DWORD           1
FailureActions     REG_BINARY          05000000000000000000000002000000640020000100000060EA00000100000060EA0000
Group              REG_SZ              
ImagePath          REG_EXPAND_SZ       %SystemRoot%\system32\svchost.exe -k LocalService
Objectname         REG_SZ              NT AUTHORITY\LocalService
Start              REG_DWORD           2
Type               REG_DWORD           32

C:\>w32tm /dumpreg /subkey:parameters


Value Name      Value Type          Value Data
-------------------------------------------------

ServiceMain     REG_SZ              SvchostEntry_W32Time
ServiceDll      REG_EXPAND_SZ       C:\WINDOWS\system32\w32time.dll
NtpServer       REG_SZ              "0.uk.pool.ntp.org"
Type            REG_SZ              NT5DS
Enabled         REG_DWORD           1

I've run  the following

w32tm /stripchart /computer:192.168.0.1 /samples:3 /dataonly

w32tm /config /manualpeerlist:”0.uk.pool.ntp.org” /syncfromflags:manual /reliable:yes

net stop w32time && net start w32time

w32tm /resync
>sending resync command to local computer
computer did not resync because no time data was available

The difference is that Type is set to NT5DS which I think is required on the PDC with all member servers/clients set to NTP

But i am still see the resync error...






0
 
LVL 16

Expert Comment

by:vivigatt
ID: 36496683
Nope, NT5DS is not required for the PDC (but it is required for domain members).
Otherwise, it would mean that domain controllers must synchronize to other domain controllers only.

You also miss the digit after the NTP server name.
Try this:
NtpServer       REG_SZ              0.uk.pool.ntp.org,0x9
Type            REG_SZ              NTP

No quotes surrounding the server address!

commands:
w32tm /config /manualpeerlist:0.uk.pool.ntp.org,0x9 /syncfromflags:manual /reliable:yes
w32tm /config /update
w32tm /resync

But be careful! If there are policies set, the "service configuration" is not used, the policies are instead.
What is present in the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W32time\Parameters
?

use RsOP command:
http://support.microsoft.com/kb/323276
(run rsop.msc if/when it is installed) and check the Windows Time Service configuration.
Make sure that the NTP server is OK (without quotes!) and that the type of synchronization is set to NTP or AllSync
0
 
LVL 1

Author Comment

by:jovonn
ID: 36501642
Ok so I've changed type from NT5DS to NTP on the PDC and using the following to update to my external time source which i can (ping) resolve by IP and DNS

The time sync tool works without any problem http://www.timesynctool.com/

w32tm /config /manualpeerlist:0.uk.pool.ntp.org,0x1 /syncfromflags:manual /reliable:yes
w32tm /config /update
net stop w32time && net start w32time
w32tm /resync

but still get 'computer did not resync because no time data was available'

Event Id 12

Time Provider NTPClient: This machine is configured to use the domain hierachy to  determine it's time source, but it is the PDC emulator etc...

I cannot see this key on my win7 pc or windows 2003 PDC

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\W32time\Parameters

Thanks




0
 
LVL 16

Expert Comment

by:vivigatt
ID: 36501962
use RSOP.msc !
It seems that a policy enforce a NTDS type only.
With RSOP.msc you should be able to see what is the actual policy
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 36501966
Another way to make sure your server's time is accurate is to use nettime as a service...
0
 
LVL 1

Author Comment

by:jovonn
ID: 36529086
Just to update, I am still getting 'the computer did not resync because no time data was available' on the PDC after all of discussed tweaks.

However I have installed http://www.timesynctool.com/ on the PDC with NTP source pointing to  0.uk.pool.ntp.org, to update at intervals. Netlogon script has also been updated so clients are synching with PDC using net time \\<PDC> /set /yes

member severs updated with w32tm /config /syncfromflags:domhier /update

also ran RSOP to confirm if a GPO was set for time service that could be causing the problem, but nothing set.
0
 
LVL 9

Expert Comment

by:Chev_PCN
ID: 36529949
Can you please post a screenshot of your NTP registry settings? Thanks.
0
 
LVL 16

Expert Comment

by:vivigatt
ID: 36534863
You can also try to record a network trace, filtering on UDP 123 (NTP) and compare what happens with timesynctool and with w32tm /resync.
0
 
LVL 1

Author Comment

by:jovonn
ID: 36535609
Please see the attached registry settings. I will try a network trace as suggested with wireshark or wild packets..just to note that even though the NTP service is not working as desired, i am happy that the time sync tool is working and that all clients clocks have been synched (i have around 45 of them).

Thanks
W32Time.zip
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Suggested Solutions

Setting up a Microsoft WSUS update system is free relatively speaking if you have hard disk space and processor capacity.   However, WSUS can be a blessing and a curse. For example, there is nothing worse than approving updates and they just have…
Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now