asked on How to diagnose time issues in a large 2003 domain?
Hello,
We have a large (5500+) mixed OS (mostly Win7, a few WinXP) environment, with 6 Server 2003 DCs, running at a 2003 Functional Level. These DC's are housed in four separate locations, all 'direct' connected to our home office via fiber.
We've noticed a time discrepancy in the past month or two with workstation time. Initial diagnosis showed us that there are varying times between the six domain controllers.
The DC setup seems consistent and correct (as far as I know it... I don't have much experience with Server 2003). DC2 has the PDC Emulator role, and is configured to use 0.north-america.pool.ntp.o
The odd thing is that even though we currently have a discrepancy of more than 3 minutes between DC1 and DC2, there are no (that I can find, anyway) NTP errors being reported on either server.
Can someone assist me in troubleshooting this?
Thank you.
Scott
We have a large (5500+) mixed OS (mostly Win7, a few WinXP) environment, with 6 Server 2003 DCs, running at a 2003 Functional Level. These DC's are housed in four separate locations, all 'direct' connected to our home office via fiber.
We've noticed a time discrepancy in the past month or two with workstation time. Initial diagnosis showed us that there are varying times between the six domain controllers.
The DC setup seems consistent and correct (as far as I know it... I don't have much experience with Server 2003). DC2 has the PDC Emulator role, and is configured to use 0.north-america.pool.ntp.o
The odd thing is that even though we currently have a discrepancy of more than 3 minutes between DC1 and DC2, there are no (that I can find, anyway) NTP errors being reported on either server.
Can someone assist me in troubleshooting this?
Thank you.
Scott
Windows Server 2003
Last Comment
meelnah
I would check the interval time is checked on your Main DC and setup a manual task on the other DC's to sync their time with the Main DC every hour or two. Then monitor them all a few times a day to see if they stay synced.
ASKER
Hi TG-TIS,
Thanks for the response.
I'm not sure exactly how you meant I should 'check the interval time on my main DC', but we may have a handle the issue now.
I ran 'w32tm /monitor' and found all six DC's reporting in were showing that they were syncing with DC2 (our PDC Emulator), but 4 of the six were 195 seconds off. Also, the RefID in the results from the /monitor command referenced a forest root server, not the PDC Emulator.
I wasn't even aware that we had a forest root server (we have only one domain... it is a legacy server that was never removed from the network), but it was also set to pull it's time from an external time source.
To resolve, I left the FR server alone and configured the PDC Emulator's NtpServer registry setting to point to the FR server, rather than an external source.
I then went to each DC and verified (and in some cases reset) their NtpServer entry to the PDC Emulator, and their 'type' to NT5DS.
Afterward, I restarted the W32Time service on each, and then resync'd using w32tm /resync /rediscover.
So far, so good... each server is within 2 one-hundredths of the PDC. I'll check again tomorrow.
sm
Thanks for the response.
I'm not sure exactly how you meant I should 'check the interval time on my main DC', but we may have a handle the issue now.
I ran 'w32tm /monitor' and found all six DC's reporting in were showing that they were syncing with DC2 (our PDC Emulator), but 4 of the six were 195 seconds off. Also, the RefID in the results from the /monitor command referenced a forest root server, not the PDC Emulator.
I wasn't even aware that we had a forest root server (we have only one domain... it is a legacy server that was never removed from the network), but it was also set to pull it's time from an external time source.
To resolve, I left the FR server alone and configured the PDC Emulator's NtpServer registry setting to point to the FR server, rather than an external source.
I then went to each DC and verified (and in some cases reset) their NtpServer entry to the PDC Emulator, and their 'type' to NT5DS.
Afterward, I restarted the W32Time service on each, and then resync'd using w32tm /resync /rediscover.
So far, so good... each server is within 2 one-hundredths of the PDC. I'll check again tomorrow.
sm
ASKER
Sorry for the late response...
The DC's are all keeping time correctly (3 weeks and counting)... however, some workstations in the domain are reporting being a few minutes off, even after multiple logoffs/reboots.
Any ideas how to troubleshoot this?
The DC's are all keeping time correctly (3 weeks and counting)... however, some workstations in the domain are reporting being a few minutes off, even after multiple logoffs/reboots.
Any ideas how to troubleshoot this?
I've seen this before on older servers. what I did was add a scheduled task to the PDC to resync time with it's internet time server twice a day at specific times line 6AM and 6PM.
Add a scheduled task to all the uther servers to resync with the DC and different times so they al don't request time updates together. if this does not resolve the problem, let me know.
Add a scheduled task to all the uther servers to resync with the DC and different times so they al don't request time updates together. if this does not resolve the problem, let me know.
ASKER
Our problem isn't with the DCs at this point, but with some workstations in our environment.
I could potentially add w32tm /resync to the logon script for the workstations, if that's what you mean...
I could potentially add w32tm /resync to the logon script for the workstations, if that's what you mean...
Yes, that should wok fine. you might have some Pc's that are loosing time due to hardware or other issues. Adding a schedule task to resync should resolve the problem on those Pc's.
ASKER
Ok...
Would the line just be w32tm /resync? There are a host of other switches...
Would the line just be w32tm /resync? There are a host of other switches...
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
i will give it a shot... thanks!