bergquistcompany
asked on
GPO to point clients to domain controller for NTP time
Hello EE,
We have an issue where we have a domain controller that is setup to point to an external time source for NTP. I followed this for setting up "Configuring the Windows Time service to use an external time source" http://support.microsoft.com/kb/816042#method2 so think this part is correct
We would like all internal clients to point to this domain controller for time, but I'm not sure how to do this through GPO.
We have an issue where we have a domain controller that is setup to point to an external time source for NTP. I followed this for setting up "Configuring the Windows Time service to use an external time source" http://support.microsoft.com/kb/816042#method2 so think this part is correct
We would like all internal clients to point to this domain controller for time, but I'm not sure how to do this through GPO.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Remove any group policy for Time settings and use below article to configure Time in your domain env
https://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
https://www.experts-exchange.com/Software/Server_Software/File_Servers/Active_Directory/A_10789-Time-Service-Configuration.html
If you've configured PDC as NTP and is in sync with external Time source, then everything works fine in the domain. The KB article you've followed is correct to configure authoritative Time Server. However as per your request I'm providing 1 link check it out.
Configuring an Authoritative Time Server with Group Policy Using WMI Filtering
Configuring an Authoritative Time Server with Group Policy Using WMI Filtering
Hi,
i'm actually managing a NTP problem at work.
so, the first question i'd like to ask you is : are your clients domain members ? because you have to differentiate the treatment in function of the root cause.
so, for the domain members :
net stop w32time
w32tm /config /syncfromflags:DOMHIER (this will force the domain members to sync on the domain controllers)
sc config W32Time startuptype= auto (this will put the startup type on auto - might want to verify the command though)
net start W32time
on the non domain members, i use the manualpeerlist of the clients to sync them on the DC.
Cheers
T
i'm actually managing a NTP problem at work.
so, the first question i'd like to ask you is : are your clients domain members ? because you have to differentiate the treatment in function of the root cause.
so, for the domain members :
net stop w32time
w32tm /config /syncfromflags:DOMHIER (this will force the domain members to sync on the domain controllers)
sc config W32Time startuptype= auto (this will put the startup type on auto - might want to verify the command though)
net start W32time
on the non domain members, i use the manualpeerlist of the clients to sync them on the DC.
Cheers
T
Looks like I need to design an Assessment Pack for checking Time Service Configuration on Domain Controllers and Clients in Dynamic SpotAction Tool at www.Dynamic-SpotAction.com
What else Assessmen Packs you guys think I can design for a tool which I am developing?
Please do not get me wrong - I just need the inputs/feedbacks if you have any!
Thanks!
Sys
Microsoft MVP - Directory Services
What else Assessmen Packs you guys think I can design for a tool which I am developing?
Please do not get me wrong - I just need the inputs/feedbacks if you have any!
Thanks!
Sys
Microsoft MVP - Directory Services
ASKER
all excellent articles thank you for all the tips. You helpded me resolve it
You could add this as a startup script on the computer(s) in a GPO?
Hope this helps,
Tom