Solved

Incorrect network time

Posted on 2013-01-16
8
463 Views
Last Modified: 2013-01-21
I had a client ask me why their computer time was about 2.5 minutes behind the cell phones in the office.  

After some digging, I found that when I ran

w32tm /stripchart /computer:time.windows.com /samples:5 /dataonly

I received a response similar to below:  
9:28:33, +144.00668998s

When I look at timeanddate.com to see the current time, sure enough it seems to be about 144 seconds faster than my computer.  

Basically it seems the +144. seconds on my response is the exact amount of time missing from my computer and network time.  Why would this 144 second delay be happening?
0
Comment
Question by:perk83
  • 4
  • 3
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38783049
That is interesting, I'll do some testing later to see if I get the same 144 from time.windows.com

Have you tested any other stratum 2 servers

http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers

Thanks

Mike
0
 
LVL 1

Expert Comment

by:sarconastic
ID: 38783115
the amount of time that the server is off is probably irrelevant. It is off because either A: it is not updating with a a NIST or NTP pool server that has the accurate time based on the Atomic clocks, or B: someone changed it manually and placed a time offset in it. or C: it is getting it's time from an internet site that is incorrect.

what you need to find out is what the time on the PDC (Primary Domain Controller) for the network is first. If this time is correct, then either the PC itself has a time offset or it is receiving its time from a regular DC that is not syncing correctly. The way it works if it is right is the PDC syncs to  a site like time.windows.com then theDCs all sync to it. all domain computers by default sync to the DCs or the PDC unless they are manually over ridden by a GPO or command line argument.

run these commands to check and see if it has been changed, and to rest it to the domain controller

net time /querysntp
net time /setsntp:domaincontroller
net time /set

Good Luck
0
 
LVL 1

Author Comment

by:perk83
ID: 38783282
mkline,

I did try 3 different servers and got the same response from all three.

time.windows.com
pool.ntp.org
time.nist.gov ( I believe that was it)


sarconastic,

I should have been more clear in my OP.  I get the same response when running the command from the workstations or servers.  It is all machines on that network.  The DC has the same incorrect time as all others.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Expert Comment

by:sarconastic
ID: 38783337
If the DC has the wrong time then it is not updating correctly. I would be checking it. do a "w32tm /resync /rediscover" on teh server and see if it successfully completes. Also if this is not the PDC then you should check it as well.

using w32tm /query /peers should tell your the peers the DC and the PDC are connected to.
0
 
LVL 1

Author Comment

by:perk83
ID: 38784510
When I ran on "w32tm /resync /rediscover" the DC, I got a message back. " The computer did not resync because no time data was available."  Didn't expect that.  

It is the FSMO role holder.
0
 
LVL 1

Accepted Solution

by:
sarconastic earned 500 total points
ID: 38787596
Ok so what that is telling you is that the DC your running this on is not syncing with a time server. For whatever reason, you need to track it down. I will tell you from experience it usually turns out to be that the ports required to be open are not open on the firewall.  Just adding the NTP service to the allowed ports in your firewall usually does he trick.

I believe it is port UDP 123 that needs to be opened. Both ways, in and out to that server.

Since it is the FSMO controller then it is the one that should be going to the web to get its time.

Check those ports.
0
 
LVL 1

Author Comment

by:perk83
ID: 38801229
Thanks, I believe that helped.  I opened NTP service through the firewall as it was not opened.  On the DC, I then set a manual list of time servers to use. using thew32tm /config command.  After running net stop w32tm and net start w32tm, the DC now has the correct time.  I will be watching it throughout the day to make sure it holds that time, but I believe it will.
0
 
LVL 1

Author Closing Comment

by:perk83
ID: 38802093
Thanks for the tip on opening NTP through the firewall.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Synchronize a new Active Directory domain with an existing Office 365 tenant
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question