[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 526
  • Last Modified:

NTP settings on Windows 2008 reverting to Local CMOS Clock

I have set multiple domain servers in multiple domains to  point to an external source for thier time.  All have functioned properly except one.  When I w32tm /query /source I get Local CMOS clock.

To configure the time settings I type the command:
w32tm /config /manualpeerlist:<IPADDRESS> /syncfromflags:manual /update

I have stopped and started service, unregistered and reregistered w32tm dll.

Sometimes this gets it to work temporarily, but it always reverts back and many times I can't make the change.

In the registry, under w32time/Parameters key, the "NTPServer" value is set to the proper IPADDRESS above, the "Type" value is set to NTP.  

All settings match other DCs that function properly except under NTPServer Key.  Here it is missing the all the values that start with "Chain".  I added them manually and they soon disapear.  I'm not sure how important this is to getting the source setup.

Thanks in advance for help
1 Solution
cavalierlanAuthor Commented:
Additionally when I was able to get it to work temporarily the thing I noticed at the time different in registry was the AnnounceFlags value was set to 5, when all working DCs were set to 10.  When I would change affected DC to 10 it would work.

Today the value 10 persisted, but source did not.  I changed back to 5 and now it works.  I'm confused what about my process is making it work and what I need to set to make it stay working.
Is this actually on a Domain Controller or a member server?

I usually set the NTP source at DC level using Group Policy and then let domain time sort itself out.
Its more manageable than editing the Registry directly

If you configure the windows NTP client settings on the domain controllers to point at NTP and then us the DNS name to point at your external time source you will have your DC running and then let the domain time roll out for the rest.
Use a WMI filter to flip this group policy setting between domain controllers

The only DC you need to point at an external time source is the one with the PDC Emulator FSMO role. All of the other DCs, along with every other machine in the domain, can be configured to simply get their time from the domain hierarchy. It can still work with every DC using an external time source, as long as they're all able to reach it regularly, but that's making things more complicated than they need to be.
thats the beauty of the WMI filter it move the authoritative time source to which ever is running the PDCe Role. Any other domain controller is configured to take domain time.

you can use the other DC's to push out NTP but its not needed
Seth SimmonsSr. Systems AdministratorCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now