[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

2003 DC won't allow NTP updates from clients

Posted on 2014-03-26
7
Medium Priority
?
355 Views
Last Modified: 2014-03-27
Hi Everyone,

I have come across a time issue in my domain. My PDC (which is currently running Server 2003) won't allow clients to access time updates

(output from client on command prompt: C:\Users\jdoe>telnet gltech-dc1 123
Connecting To gltech-dc1...Could not open connection to the host, on port 123:
Connect failed)

I have some people that have the right time and a lot of people with the wrong time. I do not have the Firewall ICS service running, but I never needed it before.

Any ideas?
0
Comment
Question by:WindhamSD
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 3

Assisted Solution

by:SandeepWalve
SandeepWalve earned 400 total points
ID: 39956261
Those machine which are not allowing the Time Sync please check whether they have your Primary DC as NTP Server

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\Parameters\NtpServer

If the NTPServer is not correct you can update it with below command on all the machines which are having issues.

Net time \\<ntpserver> /set /yes
net stop w32time
net start w32time

Your Primary DC should be pointing to either third party time server or time.windows.com (Assuming here you have internet connectivity for updates from time.windows.com
0
 

Author Comment

by:WindhamSD
ID: 39956308
Thanks for the reply Sandeep,

All of our clients have the proper NTP server in the registry and if I update them they will temporarily get the right time, but then it will change again to a few minutes later. This is even happening on my other servers as well. The PDC is set to it's self (via DNS name) for time. I am planning on changing that off hours tonight to point out to an external time source.
0
 
LVL 3

Expert Comment

by:SandeepWalve
ID: 39956338
How much the time difference changes on the servers??

Check if Daylight Savings is set correctly for your clients/servers.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:WindhamSD
ID: 39956498
Thanks again Sandeep,

The time is off by about 5 and half minutes. Daylight Savings is good...
0
 
LVL 18

Accepted Solution

by:
Sarang Tinguria earned 1600 total points
ID: 39957165
Remove all time configurations from all sources (GPO, DHCP, router etc)
Time service works better on its own just run first set of command on PDC and second set of command from other DC's  from below article

Clients should get the time from server without any configuration

http://www.experts-exchange.com/Software/Server_Software/Active_Directory/A_10789-Time-Service-Configuration.html
0
 

Author Comment

by:WindhamSD
ID: 39957390
Thanks Sarang,

I will dive into this and see what transpires.

Much appreciated
0
 

Author Closing Comment

by:WindhamSD
ID: 39959008
That did the trick! One of my DCs needed to be re-registered.

Thank You so much!
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question