Solved

Problem with time server configuration.

Posted on 2016-07-22
8
65 Views
Last Modified: 2016-07-22
We have a Windows 2008 server which is reporting a lot of errors regarding the time service as detailed below.  This server is configured as a DC.  Notice the time is constantly being adjusted and the server is regularly stopping itself advertising as a time server

Event Log
This server is hosted on the cloud and is configured to sync time with the primary DC on our local site.  This local primary DC uses references time.windows.com.

Time Config

What is causing these time events and how should we fix it?
0
Comment
Question by:canuckconsulting
  • 4
  • 3
8 Comments
 
LVL 11

Expert Comment

by:Old User
ID: 41724268
This points to a communication issue with the time source, ie unable to update time from 10.1.1.250.

you need to resolve the communication issue or set that server to use an external time source.
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 300 total points
ID: 41724278
If your cloud server is virtual (most likely) then you need to disable a key in the registry that forces it to sync with it's host machine no matter what else you have added to direct it to sync with your on-premise DC.

Look for this key:
HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider\

Then set "Enabled" to "0"

After you do that, restart the time service:

net stop w32time
net start w32time

Also, I'd suggest that you don't use time.windows.com, if the server cannot reach it for some reason (which happens a lot) then you'll get those type of errors.

Instead use the ntp.org servers -- and to change to those run the following commands on your PDC:

w32tm /config /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8 2.pool.ntp.org,0x8" /syncfromflags:MANUAL
w32tm /config /update
net stop w32time
net start w32time
w32tm /resync /nowait
0
 

Author Comment

by:canuckconsulting
ID: 41724515
Jeffrey Kane: Thanks

I found this from ntp.org.  It suggests that this is not the right path for servers on an AD network.  Can you please advise?  I should mention that I made your changes prior to find this article so am a bit nervous now as I'm unsure how to rollback!

An example configuration, suitable for a Windows 2003 standalone server or Primary Domain Controller Emulator in a Active Directory domain:
C:\>w32tm /config /update /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8 2.pool.ntp.org,0x8 3.pool.ntp.org,0x8" /syncfromflags:MANUAL
The above configuration tells Windows Time Service to use four servers from the NTP Pool, and use a client-mode association (identified by the ,0x8 after each server name) to contact them. This configuration is analgous to server directives in the configuration file for ntpd. Note that this configuration should not be used on Windows servers or clients that are members of an Active Directory domain, unless you absolutely want them to ignore time from Active Directory domain controllers on the network.
0
 

Author Comment

by:canuckconsulting
ID: 41724549
Dave Preston: Thanks for the input.

The server with this errors is hosted remotely at hosting.com on the cloud while 10.1.1.250 is based at our local site.  They are both DCs.  Could the remote server be failing due to delays associated with this configuration.  Should instead both DCs be configured to sync with the same external time server like ntp.org?
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 11

Assisted Solution

by:Old User
Old User earned 200 total points
ID: 41724556
Yes I would configure both to sync from the same time source. I too use ntp.org.
If you go to their site there are very good instructions on how to configure a Windows server to use their pool of ntp servers
0
 

Author Comment

by:canuckconsulting
ID: 41724559
Thanks Dave.

I reread my post to Jeffrey above and think I missed the point.  Presumably the bit in bold refers to non-DCs.  Is that your chaps take as well?
0
 
LVL 11

Expert Comment

by:Old User
ID: 41724562
It is okay to use external time source on a DC, but better to let clients and member servers use th DC as their time source
0
 

Author Closing Comment

by:canuckconsulting
ID: 41724577
Thanks guys!
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Terminal Server Temp Profile issue ? 12 53
Need to test AD authentication 3 49
Need script to search multiple files in one drive 13 33
Linksys 4 port wireless router 62 42
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now