Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Point Servers to another NTP Server

Posted on 2014-01-23
6
407 Views
Last Modified: 2014-02-10
Our client systems are picking up NTP via the DHCP server.  What is the best method to point static IP servers to the same source as the clients?
0
Comment
Question by:iNetSystem
6 Comments
 
LVL 13

Expert Comment

by:Felix Leven
ID: 39803536
GPO:
Computer -> admin templates -> System -> Windows time sercive -> time providers
0
 
LVL 38

Expert Comment

by:Philip Elder
ID: 39803552
From an elevated command prompt on your PDCe:

w32tm /config /syncfromflags:manual "/manualpeerlist:0.ca.pool.ntp.org,0x1 1.ca.pool.ntp.org,0x1 2.ca.pool.ntp.org,0x1 3.ca.pool.ntp.org,0x1" /reliable:yes [Enter]

w32tm /config /update [Enter]

net stop w32time && net start w32time [Enter]

w32tm /resync /force [Enter]

w32tm /query /source [Enter]

Your response to this one should be: 1.ca.pool.ntp.org (or other). This will set your PDCe as authoritative time source for the domain which is what it is supposed to be.

Check your SCOPE OPTIONS in DHCP to see if NTP has been set to the DHCP server and remove that setting.

www.ntp.org is where to find your local servers as the above server settings are for our Canadian ones.

Philip
0
 
LVL 21

Expert Comment

by:RK
ID: 39803553
Hi,

Refer this MS article http://support.microsoft.com/kb/816042/ which should fix your issue.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:iNetSystem
ID: 39803603
A bit confused on the solutions.

NTP is on the DC under DHCP Options and is fine, I wouldn't want to remove it.
Are you suggesting if I manually correct the PDC time that all member servers will automatically catch up?
0
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39803621
The PDC is the "authoritative" time source but all other Domain Controllers get that Time source from the PDC and distribute the time to the clients. Depending on the DC the client is authenticating from that is the time source where that PC is getting it from.

If your clients are getting there time source from a DC that is not holding the PDC role this is normal and it is setup this way to distribute the load among the DC's.

You can check what DC you are authenticate to by doing the following..
- open cmd
- type: set logonserver

That command will tell you what DC you are authenticating to which will also be the server your machine is getting its time source from (unless harden in the registry or settings from the DHCP).

As already listed above you can resync your client/server using the w32tm /resync command. If you need to continue to do this then there might be something wrong with the client/server in regards to the trust on the domain.

I personally would not recommend hardening the PDC server in the registry as it should distribution among all the DC's in the environment.

If a machine is out of sync and you resync it using the w32/tm command depending on how far off the time is it will not resync instantly and is a gradual process.

Will.
0
 
LVL 13

Expert Comment

by:Felix Leven
ID: 39826022
Hi, do you need more assistance on this Topic ?
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This script can help you clean up your user profile database by comparing profiles to Active Directory users in a particular OU, and removing the profiles that don't match.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question