Solved

Setting up PDC to sync with external time server

Posted on 2014-07-18
9
458 Views
Last Modified: 2014-07-22
I am trying to setup a Windows 2003 server as an authoritative time server that syncs with an external time source.
Additionally, we may be moving this to a Windows 2008 R2 server.

I am receiving an error "The computer did not resync because no time data was available"

I have ran the following commands (as administrator) on the PDC:
Stop Time service: C:>net stop w32time
Configure the external time sources: C:> w32tm /config /syncfromflags:manual /manualpeerlist:”0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org”
Set as Reliable source: C:>w32tm /config /reliable:yes
Start time service: C:>net start w32time

Resync time: w32tm /resync

I believe that the resync command will force the PDC to syncronize with the external source.

Please help me get this setup properly.
0
Comment
Question by:jjwolven
9 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40205286
get rid of the quotes; separate server list with comma and no spaces

/manualpeerlist:0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org

Open in new window

0
 

Author Comment

by:jjwolven
ID: 40205291
That did not work. I received the same error: no time data available.
0
 
LVL 5

Expert Comment

by:amac81
ID: 40205293
Here is the Syntax of that Command:  You need to also space the servers and not use commas.

{/config [/computer:ComputerName] [ [/update] [/manualpeerlist:ListOfComputerNames] ] [/syncfromflags:ListOfFlags]
]|/monitor|/ntte|/ntpte|/register|/resync [{:ComputerName] [/nowait]|[/rediscover}]|/tz|/unregister}

Looks like you should use:
w32tm /config /manualpeerlist:”0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org” /syncfromflags:manual

EDIT:  The quotes are necessary, as are the spaces.  The commas will not work.
0
 

Author Comment

by:jjwolven
ID: 40205313
Still receiving "no time data was available" when I do a 'w32tm /resync' on the PDC

The first post has my entire process listed - did I miss anything in that process?
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 5

Expert Comment

by:amac81
ID: 40205318
Try this:

net stop w32tm
w32tm /config /manualpeerlist:”0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org” /syncfromflags:manual /reliable:yes /update
net start w32tm
0
 
LVL 5

Expert Comment

by:amac81
ID: 40205326
Wait, you're on 2003.  Just edit it in the registry.

w32tm /dumpreg /subkey:parameters

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

Also, are you sure your firewall is letting UDP port 123 outbound?
0
 

Author Comment

by:jjwolven
ID: 40205363
I checked registry time Parameters and it has the list in there.

Also, I added an explicit entry in the firewall to allow port 123.

Still the same error
0
 
LVL 39

Accepted Solution

by:
footech earned 500 total points
ID: 40205497
You might try using different flags to adjust how you're querying the servers.  http://support.microsoft.com/kb/875424
w32tm /config /manualpeerlist:"0.us.pool.ntp.org,0x8 1.us.pool.ntp.org,0x8 2.us.pool.ntp.org,0x8 3.us.pool.ntp.org,0x8" /syncfromflags:MANUAL /reliable:yes /update

Open in new window

0
 

Author Comment

by:jjwolven
ID: 40205708
It looks like this last command worked. Everything is sync'd and /resync'ing.
I will wait a day or two and make sure it all stays sync'd, then close.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Suggested Solutions

I previously wrote an article addressing the use of UBCD4WIN and SARDU. All are great, but I have always been an advocate of SARDU. Recently it was suggested that I go back and take a look at Easy2Boot in comparison.
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now