Incorrect network time

I had a client ask me why their computer time was about 2.5 minutes behind the cell phones in the office.  

After some digging, I found that when I ran

w32tm /stripchart /computer:time.windows.com /samples:5 /dataonly

I received a response similar to below:  
9:28:33, +144.00668998s

When I look at timeanddate.com to see the current time, sure enough it seems to be about 144 seconds faster than my computer.  

Basically it seems the +144. seconds on my response is the exact amount of time missing from my computer and network time.  Why would this 144 second delay be happening?
LVL 1
perk83Asked:
Who is Participating?
 
sarconasticCommented:
Ok so what that is telling you is that the DC your running this on is not syncing with a time server. For whatever reason, you need to track it down. I will tell you from experience it usually turns out to be that the ports required to be open are not open on the firewall.  Just adding the NTP service to the allowed ports in your firewall usually does he trick.

I believe it is port UDP 123 that needs to be opened. Both ways, in and out to that server.

Since it is the FSMO controller then it is the one that should be going to the web to get its time.

Check those ports.
0
 
Mike KlineCommented:
That is interesting, I'll do some testing later to see if I get the same 144 from time.windows.com

Have you tested any other stratum 2 servers

http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers

Thanks

Mike
0
 
sarconasticCommented:
the amount of time that the server is off is probably irrelevant. It is off because either A: it is not updating with a a NIST or NTP pool server that has the accurate time based on the Atomic clocks, or B: someone changed it manually and placed a time offset in it. or C: it is getting it's time from an internet site that is incorrect.

what you need to find out is what the time on the PDC (Primary Domain Controller) for the network is first. If this time is correct, then either the PC itself has a time offset or it is receiving its time from a regular DC that is not syncing correctly. The way it works if it is right is the PDC syncs to  a site like time.windows.com then theDCs all sync to it. all domain computers by default sync to the DCs or the PDC unless they are manually over ridden by a GPO or command line argument.

run these commands to check and see if it has been changed, and to rest it to the domain controller

net time /querysntp
net time /setsntp:domaincontroller
net time /set

Good Luck
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 
perk83Author Commented:
mkline,

I did try 3 different servers and got the same response from all three.

time.windows.com
pool.ntp.org
time.nist.gov ( I believe that was it)


sarconastic,

I should have been more clear in my OP.  I get the same response when running the command from the workstations or servers.  It is all machines on that network.  The DC has the same incorrect time as all others.
0
 
sarconasticCommented:
If the DC has the wrong time then it is not updating correctly. I would be checking it. do a "w32tm /resync /rediscover" on teh server and see if it successfully completes. Also if this is not the PDC then you should check it as well.

using w32tm /query /peers should tell your the peers the DC and the PDC are connected to.
0
 
perk83Author Commented:
When I ran on "w32tm /resync /rediscover" the DC, I got a message back. " The computer did not resync because no time data was available."  Didn't expect that.  

It is the FSMO role holder.
0
 
perk83Author Commented:
Thanks, I believe that helped.  I opened NTP service through the firewall as it was not opened.  On the DC, I then set a manual list of time servers to use. using thew32tm /config command.  After running net stop w32tm and net start w32tm, the DC now has the correct time.  I will be watching it throughout the day to make sure it holds that time, but I believe it will.
0
 
perk83Author Commented:
Thanks for the tip on opening NTP through the firewall.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.