Windows Authoritative Time Server
Posted on 2011-10-21
I'm having a problem "I think" with an authoritative windows time server. Let me run down what I've done.
First I needed to verify that my PDC was in fact my PDC (It's a 2008 Server.)
I ran the following command from a workstation:
C:\>netdom /query fsmo
Schema owner DC1.
Domain role owner DC1.
PDC role DC1.
RID pool manager DC1.
Infrastructure owner DC1.
So, clearly DC1 is my PDC. Then I stopped the w32time service on the PDC, and ran the following command:
C:\>w32tm /config /syncfromflags:manual /manualpeerlist:"0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org"
C:\>Type: w32tm /config /reliable:yes
And restarted the w32time service.
Now it's my understanding that workstations in the domain are supposed to, "by default", get their time from the PDC. So next I rebooted a few workstations, and at first it looked like all was fine, until yesterday when I noticed one of my sites was consistently 3 minutes off from both the PDC, and the other 4 networks. So I started doing a little checking.
I again ran the "netdom /query fsmo" from a couple of machines on the problem network and got the correct results.
Here is the part I'm not sure is right. When I run "net time /querysntp" from the domain controller I get:
The current SNTP value is: 0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org
But when I run the same command from "any" workstation I get:
The current SNTP value is: time.windows.com,0x1
Shouldn't I be getting the same as the PDC value, if it is in fact defaulting to it? Could this be my problem, and does anybody no how to fix it if it is indeed a problem?