Solved

GPO to point clients to domain controller for NTP time

Posted on 2013-02-04
7
4,706 Views
Last Modified: 2013-02-05
Hello EE,

We have an issue where we have a domain controller that is setup to point to an external time source for NTP.  I followed this for setting up "Configuring the Windows Time service to use an external time source" http://support.microsoft.com/kb/816042#method2 so think this part is correct

We would like all internal clients to point to this domain controller for time, but I'm not sure how to do this through GPO.
0
Comment
Question by:bergquistcompany
7 Comments
 
LVL 5

Accepted Solution

by:
tjc123 earned 500 total points
ID: 38852668
0
 

Expert Comment

by:schooltechnician
ID: 38852682
When we have a machine that doesn't sync time with the rest of network I run a command in cmd "w32tm /config /manualpeerlist:dc.domain.local /syncfromflags:MANUAL"
You could add this as a startup script on the computer(s) in a GPO?

Hope this helps,
Tom
0
 
LVL 18

Expert Comment

by:Sarang Tinguria
ID: 38853663
Remove any group policy for Time settings and use below article to configure Time in your domain env

http://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 9

Expert Comment

by:Zenvenky
ID: 38853802
If you've configured PDC as NTP and is in sync with external Time source, then everything works fine in the domain. The KB article you've followed is correct to configure authoritative Time Server. However as per your request I'm providing 1 link check it out.

Configuring an Authoritative Time Server with Group Policy Using WMI Filtering
0
 
LVL 4

Expert Comment

by:Thomas WERNHER
ID: 38854029
Hi,

i'm actually managing a NTP problem at work.
so, the first question i'd like to ask you is : are your clients domain members ? because you have to differentiate the treatment in function of the root cause.

so, for the domain members :
net stop w32time
w32tm /config /syncfromflags:DOMHIER (this will force the domain members to sync on the domain controllers)
 sc config W32Time startuptype= auto (this will put the startup type on auto - might want to verify the command though)
net start W32time

on the non domain members, i use the manualpeerlist of the clients to sync them on the DC.

Cheers
T
0
 
LVL 35

Expert Comment

by:Nirmal Sharma
ID: 38854200
Looks like I need to design an Assessment Pack for checking Time Service Configuration on Domain Controllers and Clients in Dynamic SpotAction Tool at www.Dynamic-SpotAction.com

What else Assessmen Packs you guys think I can design for a tool which I am developing?

Please do not get me wrong - I just need the inputs/feedbacks if you have any!

Thanks!
Sys
Microsoft MVP - Directory Services
0
 

Author Closing Comment

by:bergquistcompany
ID: 38857672
all excellent articles thank you for all the tips.  You helpded me resolve it
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction You may have a need to setup a group of users to allow local administrative access on workstations.  In a domain environment this can easily be achieved with Restricted Groups and Group Policies. This article will demonstrate how to…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now