Solved

NTP Active Directory

Posted on 2014-10-19
9
234 Views
Last Modified: 2014-10-26
Hi,

I am trying to get the domain controllers to update to the correct time via the ntp server.  I have  added it in the registry key for ntp the source ip, it shows in this format:   xxx.xxx.xxx.x , 0x9 .  What is th 0x9 represent?  Also, the time is not updating.  I have verified connectivity to the resource.

thanks
0
Comment
Question by:Jack_son_
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 40390773
Hi,
Once you've setup the NTP server it does not mean that the Domain controller would start to update from it. You shuld make the initial synchronization manually and it would then start to synchronize with the NTP Source.

Please follow this TechNet article here. It shows hoe to perform the initial synchronziation. The problem here is NTP would not strt synchronization if time difference is too big.

You can find the flags after the time server here

This article over MSDN has the meaning of all the flags.

Cheers,
K.
0
 

Author Comment

by:Jack_son_
ID: 40391015
thanks; this is all set, although the time is still not correct.  Looks like it is using NTP now in the registry on the PDC.  Will it take time to update?
0
 
LVL 30

Assisted Solution

by:Kerem ERSOY
Kerem ERSOY earned 334 total points
ID: 40391036
You're welcome. Are you sure your Time Zone is configured properly? This being said clients do synchronization when you logon/reboot or periodically over the server. To do it manually you can use this command:

w32tm /resync

Open in new window


Cheers,
K.
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 

Author Comment

by:Jack_son_
ID: 40391132
yes; I am actually just looking at the time on the DC.  Right now it shows this when I run the resync command:

The computer did not resync because no time data was available.
0
 
LVL 14

Assisted Solution

by:frankhelk
frankhelk earned 166 total points
ID: 40391471
Hmmm ... W32time, the timekeeping service in Windows. I experienced enough trouble with that piece of crap when in NTP mode to avoid using it whenever I can.

My recommendation:

Use a Windows port of the classic *ix NTP service, sync a master (or two, three) with an external source (i.e. from pool.ntp.org) and sync the clients and DCs to the master. The NTP service software is free. Easy to install and configure, works like a charm and is stable as a rock. And it is nicer when it comes to one of the rare cases of troubleshooting.

See this article for the "How To".

The NTP service has a low ressource footprint, therefore the NTP functionality could be hooked onto existing machines or VM's like webservers, ftp servers, mailservers or database hosts - even in a DMZ - without visible performance impact.

If securtity is an issue, you might as well place radio controlled clock appliances into your LAN who serve time very reliable and precise.
0
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 40391494
When you say time is wrong over PDC what do you mean? Some hours? minutes?

Are you clients logging in to the domain or do they belong to some own workgroup ?
0
 

Author Comment

by:Jack_son_
ID: 40391637
no, its a domain and the time is wrong.  I need the PDC (primary domain controller) to sync with an external NTP server versus its internal clock.
0
 
LVL 14

Expert Comment

by:frankhelk
ID: 40393813
Maybe I repeat myself, but that's a classic case for a classic NTP client ... give it a try.
0
 
LVL 30

Accepted Solution

by:
Kerem ERSOY earned 334 total points
ID: 40394556
When you run these commands:

> net stop w32time
> w32tm /config /syncfromflags:manual /manualpeerlist:”0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org” /reliable:yes
> net start w32time

Open in new window


I guess this should work.

Cheers,
K.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A company’s centralized system that manages user data, security, and distributed resources is often a focus of criminal attention. Active Directory (AD) is no exception. In truth, it’s even more likely to be targeted due to the number of companies …
Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Suggested Courses

627 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question