About Pricing Community Teams Start Free Trial

Exchange User

asked on 1/27/2016

Setting up Time Server in AD

Hi all,

I have to setup a time server on our PDC holding DC. I have seen how to set it up but our HQ is in one city and some of the branches are 1 hour behind, some are 2 and some are 3. All branches are in the same country though. So When setting up the time server, if I add pool.ntp.org, will that work fine for all branches ?

Active Directory

Last Comment

Bob McCoy

8/22/2022 - Mon

ASKER CERTIFIED SOLUTION

Gauresh_sakhalkar

1/27/2016

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.

View this solution by signing up for a free trial.

Members can start a 7-Day free trial and enjoy unlimited access to the platform.

See Pricing Options

Start Free Trial

GET A PERSONALIZED SOLUTION

Ask your own question & get feedback from real experts

Find out why thousands trust the EE community with their toughest problems.

Bob McCoy

2/1/2016

I do not recommend changing the individual time settings on DCs. You really need to know how time is used in an AD domain.

All workstations and member servers get their time from their authenticating DC.

All DCs get their time from the DC that holds the PDC emulator role.

The PDCe gets its time from an external time source, one of the pool servers, GPS, core router, etc.

All DCs are already time servers, evidences by the fact that netstat shows port 123 active.
You are much more likely seeing time zone issues that real time skew. Active Directory uses Kerberos authentication and is set to allow for a maximum five minute skew, otherwise it considers those requests as replay attacks.

I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst

Plans and Pricing

Certified Expert Program

Credly Partnership

Udemy Partnership