Solved

NTP Server Providers

Posted on 2015-02-18
4
402 Views
Last Modified: 2015-02-24
I just finished adding a new Windows 2012 Server as a new DC as a VM.  I have another Windows 2012 Server DC as a physical server, and finally one Windows 2003 Server R2.  I transferred all (5) FSMO roles from the 2003 DC to the Windows 2012 Server that is on the  physical without issue, and all appears to be working well.    

Server Manager on the Windows 2012 Server that holds all the FSMO indicates a problem with BPA results:  Error The PDF Emulator master "servername" in this forest should be configured to correctly synchronize time from a valid time source.

I ran the following command on the pdc emulator:

w32tm /config /computer:"servername" /manualpeerlist:time.windows.com /syncfromflags: manual /reliable:yes /update

On the other two DCs I ran w32tm /config /syncfromflags:domhier /update

My first question is whether time.windows.com is the best NTP selection period?  We are on the east coast if that matters.  I thought I remember there was a problem using this NTP server in the past.  I am not entirely sure that was the case, so that is why I ask.

The second question is if the above commands are all that's needed to configure our PDC Emulator to sync time with a credible external time source, and have all other servers and client workstations sync time with the PDF Emulator.
0
Comment
Question by:cmp119
  • 2
  • 2
4 Comments
 
LVL 14

Assisted Solution

by:frankhelk
frankhelk earned 250 total points
ID: 40617345
First, I would recommend to configure NTP to use more than one source - to gain reiability and stability. The best source I know is pool.ntp.org, they provide a good selection of public NTP servers that could be finetuned i.e. to region or country.

Second ... I would avoid W32time in NTP mode whenever I could. That piece of crap has cost me hours and hours of nasty troubleshooting. I'd recommend to use the real thing - a Windows port of the classic Unix NTP client. Easy to install & configure, works like a charm, is mature as my grandpa and stable as a rock, and it is much easier to handle when it comes to the rare cases of troubleshooting.

See my article on NTP for details on both the NTP client and pool.ntp.org. And don't hesitate to ask if I left any question open.
0
 

Accepted Solution

by:
cmp119 earned 0 total points
ID: 40618960
Frankhelk - I read your article, and it was great.  However, I also used the following article and found it to be more precise in assisting me.  This article has all that I needed to resolve the issue, and it included sample commands as reference.  

http://binarynature.blogspot.com/2012/04/configure-active-directory.html
0
 
LVL 14

Expert Comment

by:frankhelk
ID: 40619562
Thanks ...

no problem - I know that my answer is a bit abroad of the AD topic - I'm happy that your problem is solved anyhow. Nevertheless I prefer the classic NTP client, and I still recommend it.

May you have always good times :-)
0
 

Author Closing Comment

by:cmp119
ID: 40627757
frankhelk confirmed using pool.ntp.org is the best NTP source, but his article lacked detailed instructions on how to do this on a Windows Server.  I found an article that gave me this precise information.  I appreciate the help!!!
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html) provided 218 attendees with a step-by-step guide for identifying Acti…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now