The correct time is not synching on our network.

Hello:

We have 2 active Directory servers that our PC's and terminal Servers logon to.  One of our Active Directory servers is supposed to synch up to some time servers locate outside our network.  That AD server is not synching up.

My plan is to restart the AD server in the evening and hope that everything comes back.  My question is what else should I do just in case the restart does not fix this problem?
LVL 1
PkafkasNetwork EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Will SzymkowskiSenior Solution ArchitectCommented:
Use the following link below to configure the external time source respectively...
https://support.microsoft.com/en-us/kb/816042

Also you need to make sure that NTP port 123 is opened on your firewall to your PDC. Once you have done this correctly check your PDC logs and it will show Information events showing that it has successfully updated the tiem from the external time source.

Ultimately you are modifying the registry on the PDC to confgiure this setting. The Other DC's will get the time from the PDC so there should not be any additonal configuration required.

Will.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Seth SimmonsSr. Systems AdministratorCommented:
what are you using for a time source?  servers through pool.ntp.org work well
are there any firewalls blocking UDP port 123?
the system log should show event id 37 when it is working

what is the output of w32tm /query /status ?

the domain controller that has the PDC emulator role should be the one configured to use an external source.  instead of restarting the server, restarting the windows time service should be sufficient
0
PkafkasNetwork EngineerAuthor Commented:
OK, I will give that a shot.

This problem only recently came up nd not changes have been made on the Firewall.  I will check the ports thogh.
0
frankhelkCommented:
Hmmm ... W32time, the timekeeping service in Windows. I experienced enough trouble with that piece of crap when in NTP mode to avoid using it whenever I can.

My recommendation if you don't fix up W32time:

Use a Windows port of the classic *ix NTP service, sync a master (or two, three) with an external source (i.e. from pool.ntp.org) and sync the clients and DCs to the master. The NTP service software is free, and it is really mature (first pulished in 1985, core service in every *ix and still in active development). Easy to install and configure, works like a charm and is stable as a rock. And it is nicer when it comes to one of the rare cases of troubleshooting.

See this article for the "How To".

The classic NTP service has a low ressource footprint, therefore the NTP functionality could be hooked onto existing machines or VM's like webservers, ftp servers, mailservers or database hosts - even in a DMZ - without visible performance impact.

If securtity is an issue, you might as well place radio controlled clock appliances into your LAN who serve time very reliable and precise.
0
PkafkasNetwork EngineerAuthor Commented:
After hours I first checked the registry settings and noticed that all required registry hacks were already made.  https://support.microsoft.com/en-us/kb/816042  That makes since it was working up until recently?

I then proceeded to find the Windown time service int eh 'services' module and right befre I was to stop and then start the service, I noticed the time on the server changed.  It synched up to get the correct time on its own.  Perhaps me looking at some of the registry entries helped things progress?

Then it was just a matter of time before all of the rest of the servers received the correct time as well.  This morning i did have to manually stop/start the Windows time service on my PC; but, the terminal servers received the correct time from last night.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.