Solved

confirm that ntp is working

Posted on 2013-05-16
6
361 Views
Last Modified: 2013-05-28
I understand that my domain contoller and backup DC are automatically set up as NTP servers.  How do I confirm that NTP is working correctly on them.  My investigations online found commands like ntpq -p, but these definitely don't work from a command line.  Any suggestions?

(i'm using Windows Server 2008 R2)
0
Comment
Question by:cuiinc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 14

Expert Comment

by:comfortjeanius
ID: 39173021
0
 
LVL 1

Author Comment

by:cuiinc
ID: 39173047
hmm.  several questions:
I had previously ran Windows "fix-it-for-me" app, configuring the server to use an external time source, on my BACKUP DC, not on my PDC. (http://support.microsoft.com/kb/816042).  

When I run W32tm /query /configuration on my PDC, I get the following (see below).  Should I run W32tm /unregister on the backup DC and W32tm /register on my PDC?


Primary Domain Controller:
C:\Users\manager>W32tm /query /configuration
[Configuration]

EventLogFlags: 2 (Local)
AnnounceFlags: 10 (Local)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 6 (Local)
MaxPollInterval: 10 (Local)
MaxNegPhaseCorrection: 172800 (Local)
MaxPosPhaseCorrection: 172800 (Local)
MaxAllowedPhaseOffset: 300 (Local)

FrequencyCorrectRate: 4 (Local)
PollAdjustFactor: 5 (Local)
LargePhaseOffset: 50000000 (Local)
SpikeWatchPeriod: 900 (Local)
LocalClockDispersion: 10 (Local)
HoldPeriod: 5 (Local)
PhaseCorrectRate: 7 (Local)
UpdateInterval: 100 (Local)


[TimeProviders]

NtpClient (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
CrossSiteSyncFlags: 2 (Local)
AllowNonstandardModeCombinations: 1 (Local)
ResolvePeerBackoffMinutes: 15 (Local)
ResolvePeerBackoffMaxTimes: 7 (Local)
CompatibilityFlags: 2147483648 (Local)
EventLogFlags: 1 (Local)
LargeSampleSkew: 3 (Local)
SpecialPollInterval: 3600 (Local)
Type: NT5DS (Local)

NtpServer (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)

VMICTimeProvider (Local)
DllName: C:\Windows\System32\vmictimeprovider.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
0
 
LVL 47

Expert Comment

by:dlethe
ID: 39183181
It sounds pretty obvious, but I've always tested by actually changing the time by a few seconds and checking back at whatever the polling interval was.

This is the only way to insure a full test to insure the system is properly configured & operational.
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 39183458
In general, your PDCe should sync with an external time source, other DCs will sync with the PDCe, members will sync with the DC authenticating them.
This here is not correct for a DC with the PDCe role: Type: NT5DS (Local)
You probably have errors in the system event log that this machine is configured to use the AD hierarchy, but that it's already at the top. And note that "w32tm /register" does not "register" a machine as NTP server; it registers the time service and its default settings.
In other words: in an elevated command prompt on the PDCe, enter (replacing <1.2.3.4> with the time server of your choice; the ,0x9 at the end will tell the time service to run in ntp client mode and use the configured poll interval):
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /config /manualpeerlist:<1.2.3.4>,0x9 /update
w32tm /resync /rediscover

Open in new window

Time servers are here (I wouldn't use the default "time.windows.com"; I've found it to be unreliable); pick a time server geographically close to you, for example one of these:
A list of the Simple Network Time Protocol (SNTP) time servers that are available on the Internet
http://support.microsoft.com/kb/262680
The pool.ntp.org project
http://www.pool.ntp.org/

Then on the second DC, enter
net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /resync /rediscover

Open in new window

To check a client, simply use
w32tm /resync /rediscover

Open in new window

And if you feel like it, you can use a group policy as well to configure this; it's a bit more complicated than a few command lines, but an interesting concept that can be useful.
Configuring an Authoritative Time Server with Group Policy Using WMI Filtering
http://blogs.technet.com/b/askds/archive/2008/11/13/configuring-an-authoritative-time-server-with-group-policy-using-wmi-filtering.aspx
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question