Do I need the first Domain controller to be time server as well

I just installed our first domain controller. It's 2012 server R2.  Do I need it to also be a time server as well. I have one linux server that is having issues joining the domain and it may be related to time server issues. I rather not put it on there if I don't have to , but  if I do , how do I add it. Thank you,
LVL 1
netcompAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Cliff GaliherCommented:
Windows time service is baked into the OS, so yes, it will be installed and on by default. You do *not* have to point your Linux machine to it for time, however. And NTP doesn't have an automatic discovery to it, so unless you configure it so, your Linux machines won't be using the windows server for time.  

Domain joined machines will sync with your first DC for time, and that is a good thing. Otherwise you run a significant risk of time skew locking you out of your domain joined machines.  Kerberos is intentionally time sensitive and so this hierarchy is a functional part of joining a domain when it comes to windows.  Workgroup machines will not be aware of or care about the DC.

There is rarely a reason to change this behavior so unless you have a *very* compelling reason, it is best left as-is.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
netcompAuthor Commented:
So, the DC is automatically the NTP server for the network. Is there a utility to check out the NTP server on the domain controller. ? Thank you
0
Cliff GaliherCommented:
The PDCe is the time server for other domain-joined machines.  Windows has a full hierarchy that describes how other domain joined machines check in.  In one sense, it is actually a grander scheme than "the network" as it actually takes into account multiple sites and WAN links. On the other hand, "the network" is an over-broad statement as non-domain clients such as Linux machines, workgroup computers, network equipment like smart switches and network-capable printers, will *not* use the hierarchy to sync time unless specifically configured to do so.

The windows implementation is a complient NTP protocol so you can use any NTP tool to query the server.  The command-line "w32tm" can also do this as well as make configuration changes and view statistics.

https://technet.microsoft.com/en-us/library/w32tm.aspx
0
Will SzymkowskiSenior Solution ArchitectCommented:
When you create a greenfield Active Directory Forest, the first domain controller will hold ALL of the roles a long with being a Global Catalog server as well. Now the first DC is the PDC and the PDC role controls the time, it is not actually configured with an External time source.

By default it is only using the BIOS clock which is not a good practice as it should be getting it's time source from an external atomic clock on the internet.

Configuring External Time Source
http://support.microsoft.com/en-us/kb/816042

As for the Linux server it does not need to point to the DC holding the PDC role if you do not want it to. You can having it pointing directly to external time source. Make sure though that whatever external time source you are using for your PDC make sure it is the same one used for your Linux servers as well.

Will.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.