Solved

Incorrect network time

Posted on 2013-01-16
8
468 Views
Last Modified: 2013-01-21
I had a client ask me why their computer time was about 2.5 minutes behind the cell phones in the office.  

After some digging, I found that when I ran

w32tm /stripchart /computer:time.windows.com /samples:5 /dataonly

I received a response similar to below:  
9:28:33, +144.00668998s

When I look at timeanddate.com to see the current time, sure enough it seems to be about 144 seconds faster than my computer.  

Basically it seems the +144. seconds on my response is the exact amount of time missing from my computer and network time.  Why would this 144 second delay be happening?
0
Comment
Question by:perk83
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38783049
That is interesting, I'll do some testing later to see if I get the same 144 from time.windows.com

Have you tested any other stratum 2 servers

http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers

Thanks

Mike
0
 
LVL 1

Expert Comment

by:sarconastic
ID: 38783115
the amount of time that the server is off is probably irrelevant. It is off because either A: it is not updating with a a NIST or NTP pool server that has the accurate time based on the Atomic clocks, or B: someone changed it manually and placed a time offset in it. or C: it is getting it's time from an internet site that is incorrect.

what you need to find out is what the time on the PDC (Primary Domain Controller) for the network is first. If this time is correct, then either the PC itself has a time offset or it is receiving its time from a regular DC that is not syncing correctly. The way it works if it is right is the PDC syncs to  a site like time.windows.com then theDCs all sync to it. all domain computers by default sync to the DCs or the PDC unless they are manually over ridden by a GPO or command line argument.

run these commands to check and see if it has been changed, and to rest it to the domain controller

net time /querysntp
net time /setsntp:domaincontroller
net time /set

Good Luck
0
 
LVL 1

Author Comment

by:perk83
ID: 38783282
mkline,

I did try 3 different servers and got the same response from all three.

time.windows.com
pool.ntp.org
time.nist.gov ( I believe that was it)


sarconastic,

I should have been more clear in my OP.  I get the same response when running the command from the workstations or servers.  It is all machines on that network.  The DC has the same incorrect time as all others.
0
Veeam gives away 10 full conference passes

Veeam is a VMworld 2017 US & Europe Platinum Sponsor. Enter the raffle to get the full conference pass. Pass includes the admission to all general and breakout sessions, VMware Hands-On Labs, Solutions Exchange, exclusive giveaways and the great VMworld Customer Appreciation Part

 
LVL 1

Expert Comment

by:sarconastic
ID: 38783337
If the DC has the wrong time then it is not updating correctly. I would be checking it. do a "w32tm /resync /rediscover" on teh server and see if it successfully completes. Also if this is not the PDC then you should check it as well.

using w32tm /query /peers should tell your the peers the DC and the PDC are connected to.
0
 
LVL 1

Author Comment

by:perk83
ID: 38784510
When I ran on "w32tm /resync /rediscover" the DC, I got a message back. " The computer did not resync because no time data was available."  Didn't expect that.  

It is the FSMO role holder.
0
 
LVL 1

Accepted Solution

by:
sarconastic earned 500 total points
ID: 38787596
Ok so what that is telling you is that the DC your running this on is not syncing with a time server. For whatever reason, you need to track it down. I will tell you from experience it usually turns out to be that the ports required to be open are not open on the firewall.  Just adding the NTP service to the allowed ports in your firewall usually does he trick.

I believe it is port UDP 123 that needs to be opened. Both ways, in and out to that server.

Since it is the FSMO controller then it is the one that should be going to the web to get its time.

Check those ports.
0
 
LVL 1

Author Comment

by:perk83
ID: 38801229
Thanks, I believe that helped.  I opened NTP service through the firewall as it was not opened.  On the DC, I then set a manual list of time servers to use. using thew32tm /config command.  After running net stop w32tm and net start w32tm, the DC now has the correct time.  I will be watching it throughout the day to make sure it holds that time, but I believe it will.
0
 
LVL 1

Author Closing Comment

by:perk83
ID: 38802093
Thanks for the tip on opening NTP through the firewall.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

635 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question