Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Incorrect network time

Posted on 2013-01-16
8
Medium Priority
?
474 Views
Last Modified: 2013-01-21
I had a client ask me why their computer time was about 2.5 minutes behind the cell phones in the office.  

After some digging, I found that when I ran

w32tm /stripchart /computer:time.windows.com /samples:5 /dataonly

I received a response similar to below:  
9:28:33, +144.00668998s

When I look at timeanddate.com to see the current time, sure enough it seems to be about 144 seconds faster than my computer.  

Basically it seems the +144. seconds on my response is the exact amount of time missing from my computer and network time.  Why would this 144 second delay be happening?
0
Comment
Question by:perk83
  • 4
  • 3
8 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 38783049
That is interesting, I'll do some testing later to see if I get the same 144 from time.windows.com

Have you tested any other stratum 2 servers

http://support.ntp.org/bin/view/Servers/StratumTwoTimeServers

Thanks

Mike
0
 
LVL 1

Expert Comment

by:sarconastic
ID: 38783115
the amount of time that the server is off is probably irrelevant. It is off because either A: it is not updating with a a NIST or NTP pool server that has the accurate time based on the Atomic clocks, or B: someone changed it manually and placed a time offset in it. or C: it is getting it's time from an internet site that is incorrect.

what you need to find out is what the time on the PDC (Primary Domain Controller) for the network is first. If this time is correct, then either the PC itself has a time offset or it is receiving its time from a regular DC that is not syncing correctly. The way it works if it is right is the PDC syncs to  a site like time.windows.com then theDCs all sync to it. all domain computers by default sync to the DCs or the PDC unless they are manually over ridden by a GPO or command line argument.

run these commands to check and see if it has been changed, and to rest it to the domain controller

net time /querysntp
net time /setsntp:domaincontroller
net time /set

Good Luck
0
 
LVL 1

Author Comment

by:perk83
ID: 38783282
mkline,

I did try 3 different servers and got the same response from all three.

time.windows.com
pool.ntp.org
time.nist.gov ( I believe that was it)


sarconastic,

I should have been more clear in my OP.  I get the same response when running the command from the workstations or servers.  It is all machines on that network.  The DC has the same incorrect time as all others.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
LVL 1

Expert Comment

by:sarconastic
ID: 38783337
If the DC has the wrong time then it is not updating correctly. I would be checking it. do a "w32tm /resync /rediscover" on teh server and see if it successfully completes. Also if this is not the PDC then you should check it as well.

using w32tm /query /peers should tell your the peers the DC and the PDC are connected to.
0
 
LVL 1

Author Comment

by:perk83
ID: 38784510
When I ran on "w32tm /resync /rediscover" the DC, I got a message back. " The computer did not resync because no time data was available."  Didn't expect that.  

It is the FSMO role holder.
0
 
LVL 1

Accepted Solution

by:
sarconastic earned 2000 total points
ID: 38787596
Ok so what that is telling you is that the DC your running this on is not syncing with a time server. For whatever reason, you need to track it down. I will tell you from experience it usually turns out to be that the ports required to be open are not open on the firewall.  Just adding the NTP service to the allowed ports in your firewall usually does he trick.

I believe it is port UDP 123 that needs to be opened. Both ways, in and out to that server.

Since it is the FSMO controller then it is the one that should be going to the web to get its time.

Check those ports.
0
 
LVL 1

Author Comment

by:perk83
ID: 38801229
Thanks, I believe that helped.  I opened NTP service through the firewall as it was not opened.  On the DC, I then set a manual list of time servers to use. using thew32tm /config command.  After running net stop w32tm and net start w32tm, the DC now has the correct time.  I will be watching it throughout the day to make sure it holds that time, but I believe it will.
0
 
LVL 1

Author Closing Comment

by:perk83
ID: 38802093
Thanks for the tip on opening NTP through the firewall.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. Theā€¦
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question