Avatar of Eric Kung
Eric Kung
 asked on

DC not synchronizing with public NTP server

Please help, I want my DC (2008 R2) to synchronizing with public NTP server (us.pool.net.org), and become as a NTP source for my domain. Here is what I did.

1.      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\ , AnnounceFlags to 5
2.      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\                                              Services\W32Time\TimeProviders\NtpServer\ , enabled to 1
3.      in command prompt type: w32tm /config /manualpeerlist:us.pool.ntp.org
4.      net stop w32time && net start w32time

But when I run w32tm /query /status, it still shows source: Local CMOS Clock.


Thanks in advance.
Windows Server 2008Windows Server 2003Windows Networking

Avatar of undefined
Last Comment
Nagendra Pratap Singh

8/22/2022 - Mon
motnahp00

Try doing this from command line instead:

w32tm /config/computer:<name of your DC>/manualpeerlist:us.pool.net.org /syncfromflags:manual /update
pwnbasketz

did you throw in a w32tm /config /update ?
Eric Kung

ASKER
I run
w32tm /config/computer:DC1manualpeerlist:us.pool.net.org /syncfromflags:manual /update
The command complete successfully
Then I run
w32tm /config /update
The command complete successfully
Then
net stop w32time && net start w32time

but still shows local COMS clock
This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
motnahp00

If you are running this command from the PDC emulator, then all machines within the domain will respect this as the master time source.

Verify that you are running this from the PDC emulator:

netdom query fsmo
Eric Kung

ASKER
Run netdom query fsmo, DC1 is my PDC emulator, I only have one DC, all fsmo rolls are on this DC. My other computers are using this DC as NTP source, but the question is this DC is using local CMOS clock as source.
motnahp00

You configured everything correctly in my opinion. Do you have any firewall restrictions for NTP?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Eric Kung

ASKER
I use InternetTime program to help me debug connectivity the NTP server, please see attachment.
NTP.jpg
motnahp00

Well, you ruled that one out. Other than that, I'm out of ideas besides bouncing the box to see if you get different results.
pwnbasketz

just noticed a typo, not sure if you copy/pasted from earlier or not, but did you use:

w32tm /config /computer:DC1 /manualpeerlist:us.pool.net.org /syncfromflags:manual /update

or

w32tm /config /computer:DC1 /manualpeerlist:us.pool.ntp.org /syncfromflags:manual /update

?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
Eric Kung

ASKER
No luck, I re-run using .ntp,  w32 update the stop and start NTP, still shows source: Local CMOS Clock.
Eric Kung

ASKER
Here is what I run w32time /query /configuration, do you think it is cause by policy?
w32time-Configuration.jpg
pwnbasketz

i notice the VMIC time source in there...  is this a virtual?
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Eric Kung

ASKER
yes, it is virtual
pwnbasketz

What is the platform and are you sure time sync is disabled for the integration components?
Eric Kung

ASKER
it's on VMware ESXi, I setup the ESXi to use us.pool.net.org for NTP. Do you know what is the correct way to set this up?
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
ASKER CERTIFIED SOLUTION
pwnbasketz

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Eric Kung

ASKER
I think I got it to work, there's an option on VM tools to sync with host.
pwnbasketz

Did you just have to disable it? =)
motnahp00

Hyper-V has something similar with Integration Services.
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
footech

Also, verify that you don't have local policy or Group Policy configuring these settings (i.e. set in your Default Domain Policy or other applied at the domain level).  I see that many of your settings are configured by policy instead of local.  The settings are fine for clients, but shouldn't be applied to the DC.
Leon Fester

Verify that your VMWare Guest is not configured to sync time from Host.
You definitely don't want that on a DC.
Nagendra Pratap Singh

Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy