• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 373
  • Last Modified:

confirm that ntp is working

I understand that my domain contoller and backup DC are automatically set up as NTP servers.  How do I confirm that NTP is working correctly on them.  My investigations online found commands like ntpq -p, but these definitely don't work from a command line.  Any suggestions?

(i'm using Windows Server 2008 R2)
0
cuiinc
Asked:
cuiinc
1 Solution
 
comfortjeaniusCommented:
0
 
cuiincAuthor Commented:
hmm.  several questions:
I had previously ran Windows "fix-it-for-me" app, configuring the server to use an external time source, on my BACKUP DC, not on my PDC. (http://support.microsoft.com/kb/816042).  

When I run W32tm /query /configuration on my PDC, I get the following (see below).  Should I run W32tm /unregister on the backup DC and W32tm /register on my PDC?


Primary Domain Controller:
C:\Users\manager>W32tm /query /configuration
[Configuration]

EventLogFlags: 2 (Local)
AnnounceFlags: 10 (Local)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 6 (Local)
MaxPollInterval: 10 (Local)
MaxNegPhaseCorrection: 172800 (Local)
MaxPosPhaseCorrection: 172800 (Local)
MaxAllowedPhaseOffset: 300 (Local)

FrequencyCorrectRate: 4 (Local)
PollAdjustFactor: 5 (Local)
LargePhaseOffset: 50000000 (Local)
SpikeWatchPeriod: 900 (Local)
LocalClockDispersion: 10 (Local)
HoldPeriod: 5 (Local)
PhaseCorrectRate: 7 (Local)
UpdateInterval: 100 (Local)


[TimeProviders]

NtpClient (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
CrossSiteSyncFlags: 2 (Local)
AllowNonstandardModeCombinations: 1 (Local)
ResolvePeerBackoffMinutes: 15 (Local)
ResolvePeerBackoffMaxTimes: 7 (Local)
CompatibilityFlags: 2147483648 (Local)
EventLogFlags: 1 (Local)
LargeSampleSkew: 3 (Local)
SpecialPollInterval: 3600 (Local)
Type: NT5DS (Local)

NtpServer (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)

VMICTimeProvider (Local)
DllName: C:\Windows\System32\vmictimeprovider.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
0
 
DavidPresidentCommented:
It sounds pretty obvious, but I've always tested by actually changing the time by a few seconds and checking back at whatever the polling interval was.

This is the only way to insure a full test to insure the system is properly configured & operational.
0
 
oBdACommented:
In general, your PDCe should sync with an external time source, other DCs will sync with the PDCe, members will sync with the DC authenticating them.
This here is not correct for a DC with the PDCe role: Type: NT5DS (Local)
You probably have errors in the system event log that this machine is configured to use the AD hierarchy, but that it's already at the top. And note that "w32tm /register" does not "register" a machine as NTP server; it registers the time service and its default settings.
In other words: in an elevated command prompt on the PDCe, enter (replacing <1.2.3.4> with the time server of your choice; the ,0x9 at the end will tell the time service to run in ntp client mode and use the configured poll interval):
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /config /manualpeerlist:<1.2.3.4>,0x9 /update
w32tm /resync /rediscover

Open in new window

Time servers are here (I wouldn't use the default "time.windows.com"; I've found it to be unreliable); pick a time server geographically close to you, for example one of these:
A list of the Simple Network Time Protocol (SNTP) time servers that are available on the Internet
http://support.microsoft.com/kb/262680
The pool.ntp.org project
http://www.pool.ntp.org/

Then on the second DC, enter
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /resync /rediscover

Open in new window

To check a client, simply use
w32tm /resync /rediscover

Open in new window

And if you feel like it, you can use a group policy as well to configure this; it's a bit more complicated than a few command lines, but an interesting concept that can be useful.
Configuring an Authoritative Time Server with Group Policy Using WMI Filtering
http://blogs.technet.com/b/askds/archive/2008/11/13/configuring-an-authoritative-time-server-with-group-policy-using-wmi-filtering.aspx
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now