Time Lag in Active directory sites
our client having 2 AD servers PDC and ADC on 2 sites they are facing time lag issues can you please what are the primary steps i have to check to resolve the issue and what could be the possible issues between them.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Mike Kline
How much time lag are you dealing with?
It looks like you don't have an authoritative time server in your domain or if you do it is syncing from it's hardware clock. At the server you want to be your authoritative time server for the domain. Note this should be one of your ADCs and you should only set one for the entire enterprise. All DWORD values are Decimal unless otherwise specified
1. HKEY_LOCAL_MACHINE\SYSTEM\
Value = NTP
2. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 5
3. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 1
4. HKEY_LOCAL_MACHINE\SYSTEM\
Value = tick.usno.navy.mil,0x1 tock.usno.navy.mil,0x1
Values above are US Navy time servers with a comma 0x1 separated by a space
5. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 900
(This is time in seconds, 900=15 min)
6. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 3600
7. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 3600
8. open command prompt and type
net stop w32time & net start w32time
1. HKEY_LOCAL_MACHINE\SYSTEM\
Value = NTP
2. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 5
3. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 1
4. HKEY_LOCAL_MACHINE\SYSTEM\
Value = tick.usno.navy.mil,0x1 tock.usno.navy.mil,0x1
Values above are US Navy time servers with a comma 0x1 separated by a space
5. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 900
(This is time in seconds, 900=15 min)
6. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 3600
7. HKEY_LOCAL_MACHINE\SYSTEM\
Value = 3600
8. open command prompt and type
net stop w32time & net start w32time
boy, I was slow on that one...
great@mcsween but tell me before making any change how could i check is there any server authorative or not?
Look at the registry key HKEY_LOCAL_MACHINE\SYSTEM\
It should be set to 10 by default; 5 for your authoritative time server a reliable time server.
You could set this up on more than one server as long as you make sure
HKEY_LOCAL_MACHINE\SYSTEM\
is the same on any system acting as an authoritative time server. You might want to setup one in each office if you had a slow link between offices.
It should be set to 10 by default; 5 for your authoritative time server a reliable time server.
You could set this up on more than one server as long as you make sure
HKEY_LOCAL_MACHINE\SYSTEM\
is the same on any system acting as an authoritative time server. You might want to setup one in each office if you had a slow link between offices.
What is the time difference between DC?
PDC role owner in forest root domain should be a authorative time server. run "netdom qury fsmo" command to find out FSMO role owner.
You may refer below article for Time server configuration to sync PDC emulator to an External Time Source
http://abhijitw.wordpress.com/2011/10/08/time-server-configuration-to-sync-pdc-emulator-to-an-external-time-source/
PDC role owner in forest root domain should be a authorative time server. run "netdom qury fsmo" command to find out FSMO role owner.
You may refer below article for Time server configuration to sync PDC emulator to an External Time Source
http://abhijitw.wordpress.com/2011/10/08/time-server-configuration-to-sync-pdc-emulator-to-an-external-time-source/
Correction in command- netdom query fsmo
This could be useful - http://technet.microsoft.com/en-us/library/cc786897(WS.10).aspx