Solved

confirm that ntp is working

Posted on 2013-05-16
6
360 Views
Last Modified: 2013-05-28
I understand that my domain contoller and backup DC are automatically set up as NTP servers.  How do I confirm that NTP is working correctly on them.  My investigations online found commands like ntpq -p, but these definitely don't work from a command line.  Any suggestions?

(i'm using Windows Server 2008 R2)
0
Comment
Question by:cuiinc
6 Comments
 
LVL 14

Expert Comment

by:comfortjeanius
ID: 39173021
0
 
LVL 1

Author Comment

by:cuiinc
ID: 39173047
hmm.  several questions:
I had previously ran Windows "fix-it-for-me" app, configuring the server to use an external time source, on my BACKUP DC, not on my PDC. (http://support.microsoft.com/kb/816042).  

When I run W32tm /query /configuration on my PDC, I get the following (see below).  Should I run W32tm /unregister on the backup DC and W32tm /register on my PDC?


Primary Domain Controller:
C:\Users\manager>W32tm /query /configuration
[Configuration]

EventLogFlags: 2 (Local)
AnnounceFlags: 10 (Local)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 6 (Local)
MaxPollInterval: 10 (Local)
MaxNegPhaseCorrection: 172800 (Local)
MaxPosPhaseCorrection: 172800 (Local)
MaxAllowedPhaseOffset: 300 (Local)

FrequencyCorrectRate: 4 (Local)
PollAdjustFactor: 5 (Local)
LargePhaseOffset: 50000000 (Local)
SpikeWatchPeriod: 900 (Local)
LocalClockDispersion: 10 (Local)
HoldPeriod: 5 (Local)
PhaseCorrectRate: 7 (Local)
UpdateInterval: 100 (Local)


[TimeProviders]

NtpClient (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
CrossSiteSyncFlags: 2 (Local)
AllowNonstandardModeCombinations: 1 (Local)
ResolvePeerBackoffMinutes: 15 (Local)
ResolvePeerBackoffMaxTimes: 7 (Local)
CompatibilityFlags: 2147483648 (Local)
EventLogFlags: 1 (Local)
LargeSampleSkew: 3 (Local)
SpecialPollInterval: 3600 (Local)
Type: NT5DS (Local)

NtpServer (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)

VMICTimeProvider (Local)
DllName: C:\Windows\System32\vmictimeprovider.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
0
 
LVL 47

Expert Comment

by:dlethe
ID: 39183181
It sounds pretty obvious, but I've always tested by actually changing the time by a few seconds and checking back at whatever the polling interval was.

This is the only way to insure a full test to insure the system is properly configured & operational.
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 39183458
In general, your PDCe should sync with an external time source, other DCs will sync with the PDCe, members will sync with the DC authenticating them.
This here is not correct for a DC with the PDCe role: Type: NT5DS (Local)
You probably have errors in the system event log that this machine is configured to use the AD hierarchy, but that it's already at the top. And note that "w32tm /register" does not "register" a machine as NTP server; it registers the time service and its default settings.
In other words: in an elevated command prompt on the PDCe, enter (replacing <1.2.3.4> with the time server of your choice; the ,0x9 at the end will tell the time service to run in ntp client mode and use the configured poll interval):
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /config /manualpeerlist:<1.2.3.4>,0x9 /update
w32tm /resync /rediscover

Open in new window

Time servers are here (I wouldn't use the default "time.windows.com"; I've found it to be unreliable); pick a time server geographically close to you, for example one of these:
A list of the Simple Network Time Protocol (SNTP) time servers that are available on the Internet
http://support.microsoft.com/kb/262680
The pool.ntp.org project
http://www.pool.ntp.org/

Then on the second DC, enter
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /resync /rediscover

Open in new window

To check a client, simply use
w32tm /resync /rediscover

Open in new window

And if you feel like it, you can use a group policy as well to configure this; it's a bit more complicated than a few command lines, but an interesting concept that can be useful.
Configuring an Authoritative Time Server with Group Policy Using WMI Filtering
http://blogs.technet.com/b/askds/archive/2008/11/13/configuring-an-authoritative-time-server-with-group-policy-using-wmi-filtering.aspx
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question