Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

NTP Server Providers

Posted on 2015-02-18
4
Medium Priority
?
424 Views
Last Modified: 2015-02-24
I just finished adding a new Windows 2012 Server as a new DC as a VM.  I have another Windows 2012 Server DC as a physical server, and finally one Windows 2003 Server R2.  I transferred all (5) FSMO roles from the 2003 DC to the Windows 2012 Server that is on the  physical without issue, and all appears to be working well.    

Server Manager on the Windows 2012 Server that holds all the FSMO indicates a problem with BPA results:  Error The PDF Emulator master "servername" in this forest should be configured to correctly synchronize time from a valid time source.

I ran the following command on the pdc emulator:

w32tm /config /computer:"servername" /manualpeerlist:time.windows.com /syncfromflags: manual /reliable:yes /update

On the other two DCs I ran w32tm /config /syncfromflags:domhier /update

My first question is whether time.windows.com is the best NTP selection period?  We are on the east coast if that matters.  I thought I remember there was a problem using this NTP server in the past.  I am not entirely sure that was the case, so that is why I ask.

The second question is if the above commands are all that's needed to configure our PDC Emulator to sync time with a credible external time source, and have all other servers and client workstations sync time with the PDF Emulator.
0
Comment
Question by:cmp119
  • 2
  • 2
4 Comments
 
LVL 14

Assisted Solution

by:frankhelk
frankhelk earned 750 total points
ID: 40617345
First, I would recommend to configure NTP to use more than one source - to gain reiability and stability. The best source I know is pool.ntp.org, they provide a good selection of public NTP servers that could be finetuned i.e. to region or country.

Second ... I would avoid W32time in NTP mode whenever I could. That piece of crap has cost me hours and hours of nasty troubleshooting. I'd recommend to use the real thing - a Windows port of the classic Unix NTP client. Easy to install & configure, works like a charm, is mature as my grandpa and stable as a rock, and it is much easier to handle when it comes to the rare cases of troubleshooting.

See my article on NTP for details on both the NTP client and pool.ntp.org. And don't hesitate to ask if I left any question open.
0
 

Accepted Solution

by:
cmp119 earned 0 total points
ID: 40618960
Frankhelk - I read your article, and it was great.  However, I also used the following article and found it to be more precise in assisting me.  This article has all that I needed to resolve the issue, and it included sample commands as reference.  

http://binarynature.blogspot.com/2012/04/configure-active-directory.html
0
 
LVL 14

Expert Comment

by:frankhelk
ID: 40619562
Thanks ...

no problem - I know that my answer is a bit abroad of the AD topic - I'm happy that your problem is solved anyhow. Nevertheless I prefer the classic NTP client, and I still recommend it.

May you have always good times :-)
0
 

Author Closing Comment

by:cmp119
ID: 40627757
frankhelk confirmed using pool.ntp.org is the best NTP source, but his article lacked detailed instructions on how to do this on a Windows Server.  I found an article that gave me this precise information.  I appreciate the help!!!
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question