Disable Time Sync on Windows server on Domain

I have a supplier of software who wants to test some date related functions within MS SQL2008R2
Their stored procedures use GETDATE() and GETUTCDATE() to get the date, which reads from the underlying Windows 2012 server with MSSQL.

Their solution is to change the system date on the SQL server whenever they want to do their testing of date functions.

However, the Active Directory, quite rightly, changes the system time back to the correct PDC emulator time within 10-20 minutes.

Ive tried moving the AD object into a Test OU and block all Group Policy inheritence to ensure it isnt a GPO that is changing the time

Is there anyway, apart from dropping the server off the domain, that I can stop the Windows 2012 server from syncing its time from the Active Directory?
The server needs to remain on the domain for other parts of the software testing.
LVL 1
HBS-MachAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

KaffiendCommented:
Kerberos, which AD uses, will break within 5 minutes or so of time discrepancy (default value, you can change to other than 5 minutes)

So, if you don't need any kind of authentication or security tokens, you might be able to get away with doing this.

A registry change to make the server use itself as a time source would probably work (but remember to keep in mind my first 2 statements)
0
HBS-MachAuthor Commented:
Hi Kaffiend,

I understand that we will break the ability to login with a domain account while the time is incorrect.
The idea is that just during the testing, the date is changed.
They DO NOT log out of the machine while the date is incorrect.
They change it back to correct time before they logout

A reboot or logging in with a local account to re-adjust the time will allow domain accounts to log back in, if they forget to change it or get booted off for some reason.

What would the registry change be to set the server as its own time source?
0
KaffiendCommented:
Sorry I don't remember what the change is.  It's in notes that I have kept through the years but it's at home and thus, not handy   : (

This article (even easier than regedit) will help you achieve the same thing:
https://technet.microsoft.com/en-us/library/cc757721(v=ws.10).aspx
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Adam BrownSr Solutions ArchitectCommented:
Go to CMD, run the following:

w32tm /config /syncfromflags:no /update

Open in new window


That will set the w32tm service to stop syncing. Running this will return it to normal:

w32tm /config /syncfromflags:domhier /update

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HBS-MachAuthor Commented:
Thanks all.
I will give these a go and get back to you tomorrow.
0
oBdACommented:
You will not want to reconfigure the time service for that; that change is permanent, so if for whatever reason the change isn't undone, a reboot won't cure the problem.
If they continue with that, it's best to just stop (and I mean "Stop", not set to "Disabled") the time service, either with services.msc (Windows Time), or in an elevated command prompt or Powershell: net.exe stop W32Time.

That said, instead of changing the system time, they should consider using a wrapper function to get the time, and set the wrapper function to either return the true time or an offset time based on whatever debugging arguments they need.
0
HBS-MachAuthor Commented:
Hi all
Thanks for the help.

@oBdA - A reboot does fix the time when ive reconfigured the syncfromflag.
Maybe its a group policy we have, but a reboot resets the time to the correct time
But, stopping the service also works.

@acbrown2010 - Thanks, w32tm /config /syncfromflags:no /update worked fine for me.

@kaffiend - thanks for pointing me in the right direction to look it up myself. Teach a man to fish etc...
0
HBS-MachAuthor Commented:
w32tm /config /syncfromflags:no /update

worked fine for me.
Check if the change is reverted back, otherwise the server will be changed forever.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.