Solved

Hyper-V:  Time Configuration

Posted on 2014-09-16
5
282 Views
Last Modified: 2014-11-12
What is the best practice for configuring time source in a multi server domain?  (Have a mix of 2003 STD and 2012 STD and HyperV - VMs)

 This is what I was thinking.......Have the DC/FSMO get external time,  Have the other DCs and member servers point to the DC/FSMO.  I believe workstations will by default point to the DC/Fsmo???

 Should the other DCs and member servers point to the DC/FSMO and have a 2nd time source thats  external?
0
Comment
Question by:howmad2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 121

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 500 total points
ID: 40325690
Yes, correct PD emulator - External Time Source.

Member Servers and DCs sync against PD emulator (domain).

Wokstations will sync to Domain.
0
 
LVL 20

Expert Comment

by:Svet Paperov
ID: 40325695
This question surfaces from time to time.

There are different ways to setup the time synchronization in virtualized environment. However, there are couple thinks to consider:
-      If the DC are running on domain member Hyper-V servers, you should disable the time synch from Integration services
-      All member servers and workstations in a domain will synch the time with PDC FSMO-holder’s DC

Your approach sounds correct. Another that you could consider is to synch the DC with an internal source which is synched with an external one. In such way, you improve the security by reducing the cases where the DC communicates with Internet’s hosts and you have a single time source for the whole organization. This other source could be a Linux server or a router/firewall.
0
 

Author Comment

by:howmad2
ID: 40325803
Should Member Servers and DCs sync against PD emulator (domain) with a 2nd  entry to an external source?

Do I have to do anything special for a Hyper-V VM that is a DC ?
or  a Hyper-V VM that is a Member Server?
Or a Hyper-V host (2012 R2 Standard)?
0
 
LVL 13

Expert Comment

by:Greg Hejl
ID: 40325937
Here is my go to file for Windows NTP Setup:

You need to turn off time services for guests in Hyper V so they will get their time from your domain hierarchy

Here are the instructions for NTP GPO:

http://blogs.technet.com/b/nepapfe/archive/2013/03/01/it-s-simple-time-configuration-in-active-directory.aspx

Net Stop W32Time
w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org
W32tm /config /reliable:yes
Net Start W32Time
W32tm /config /update
W32tm /resync


- to configure a domain computer for automatic domain time synchronization, run:

w32tm /config /syncfromflags:domhier /update

After that you have to run:
net stop w32time
net start w32time

--------------------------------------------------------------------

- to reconfigure the previous PDC Emulator, in case of transferring/seizing the FSMO to another Domain Controller, run:

w32tm /config /syncfromflags:domhier /reliable:no /update


After that you have to run:
net stop w32time
net start w32time

If you have problems with the time service configuration, because too many changes where done in the registry or you like start fresh on a computer, then you can reset the time service to a default state the following way. Make sure to use an elevated command prompt, to have full administrative permissions. Then type in the following commands:

net stop w32time

w32tm /unregister

w32tm /register

net start w32time
0
 
LVL 121
ID: 40325977
I would not do second source as an external.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Previously, on our Nano Server Deployment series, we've created a new nano server image and deployed it on a physical server in part 2. Now we will go through configuration.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question