intlfcs_krismortensen
asked on
force all domain controllers to register NTP SRV records
I have a mixed environment, and have a need for several clients to be able to dynamically find NTP services within thier active directory site. Is there a way that I can have all of my domain controllers dynamically register these SRV records? I am trying to avoid creating them all manually so that my environment stays fluid as I grow it.
ASKER
Sandeshdubey-
thanks for the links, however, this doesn't answer my question at all. I already have my PDC Emulator configured as an authoritative time server, udp port 123 is already allowed, and yes, by default WINDOWS clients will automatically sync time from the various domain controllers which are synced by the PDC emulator. The key to my question is that I have NON WINDOWS clients looking for NTP services. they are currently configured to look for those services by querying "internaldomain.com", and domain controllers do not register NTP SRV records in DNS by default... I want to change things so that each of my domain controllers automatically registers an NTP SRV record for my NON WINDOWS clients to find.
thanks for the links, however, this doesn't answer my question at all. I already have my PDC Emulator configured as an authoritative time server, udp port 123 is already allowed, and yes, by default WINDOWS clients will automatically sync time from the various domain controllers which are synced by the PDC emulator. The key to my question is that I have NON WINDOWS clients looking for NTP services. they are currently configured to look for those services by querying "internaldomain.com", and domain controllers do not register NTP SRV records in DNS by default... I want to change things so that each of my domain controllers automatically registers an NTP SRV record for my NON WINDOWS clients to find.
I've never seen or heard of a setting that will create these automatically for you. The closest you could come is scripting their creation. DHCP options may also be of help to you depending on if the clients will use them.
Most non-windows clients have time services of their own. It would only be a matter of pointing those services to the PDCE.
I know of no way other than manually to create DNS records for NTP - and even then, clients don't normally query for time servers using SRV records.
Is this a custom service you have created?
I know of no way other than manually to create DNS records for NTP - and even then, clients don't normally query for time servers using SRV records.
Is this a custom service you have created?
ASKER
Netman66-
This is not a custom service; in this case, it is actually NetApp storage controllers, which ends up being a very heavily modified version of freebsd. I manually created SRV records for now, and as you noted, the storage controllers don't seem to be looking for those SRV records though.
This is not a custom service; in this case, it is actually NetApp storage controllers, which ends up being a very heavily modified version of freebsd. I manually created SRV records for now, and as you noted, the storage controllers don't seem to be looking for those SRV records though.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
While the solution does work, it doesnt really provide for the dynamic environment that I am looking for; at this point I am not confident that it is possible to have that kind of dynamic environment though.
You can use the PDCE name instead, it will use the DNS settings to resolve.
NTP is not a dynamic service in an AD environment as the PDCE is always the authoritative time source for the infrastructure. Changing the PDCE role holder will always require changing NTP settings - whether using DNS or static IP, there is no getting around that.
NTP is not a dynamic service in an AD environment as the PDCE is always the authoritative time source for the infrastructure. Changing the PDCE role holder will always require changing NTP settings - whether using DNS or static IP, there is no getting around that.
Please also make sure that udp port 123 which as direction the chosen NTP server is not blocked.
By default client machine and servers will sync time from PDC server.More here: http://support.microsoft.com/kb/223184
Jorge's Time Service blogs:
Configuring and Managing the Windows Time Service, Parts 1 to 4:
http://blogs.dirteam.com/blogs/jorge/archive/2010/09/26/configuring-and-managing-the-windows-time-service-part-1.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2010/09/26/configuring-and-managing-the-windows-time-service-part-2.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2010/09/26/configuring-and-managing-the-windows-time-service-part-3.aspx
http://blogs.dirteam.com/blogs/jorge/archive/2010/09/26/configuring-and-managing-the-windows-time-service-part-4.aspx