computers are no longer getting time from DC. We had a PDC DC fail. I cleaned up AD and built a new DC. Transferred all the FSMO roles. Both DC's are Windows 2016
Some of the servers are syncing with the PDC others are 1 minute off.
What is the best way to correct this and get the entire domain in sync
Active Directory
Last Comment
J.R. Sitman
8/22/2022 - Mon
65td
Has the new PDC emulator being configured to an external NTP source?
I read through the article but saw nothing that explained why computers were no longer syncing with the PDC. It mostly discussed registry settings.
Did I miss something?
Shaun Vermaak
Some of the servers are syncing with the PDC others are 1 minute off.
That is expected. DC is SNTP not NTP. If you want it to be more accurate you need to use NTP.
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
J.R. Sitman
ASKER
the PDC is NTP. The other DC is NT5DS. They are in sync. Also, we have 3 locations and at the other 2, all servers are in sync. So I do not want to disagree with you, but the location with the sync issue used to be in sync until the PDC failed
J.R. Sitman
ASKER
However, to be clear the bigger issue is the computers. They are not getting their time from the PDC. They are getting it from the local CMOS.
65td
True on boot the computers will look at CMOS for time but once they login to the domain the computers should do a time sync with a DC.
If the CMOS time is incorrect (due to a failed CMOS battery causing it to get BIOS time) the time maybe to far out for the sync.
Other reasons are highlighted in this doc from MS:
The other link was windows time settings.
As noted above windows uses SNTP but MS calls it NTP and the PDCe can configured to receive NTP and all domain members to use NT5DS.
Unlimited question asking, solutions, articles and more.
J.R. Sitman
ASKER
I understand that the computers "should" be getting their time from the domain, however, they are not. They are getting it from the local CMOS. That is what I am trying to solve.
65td
Is the CMOS time close to the domain time?
J.R. Sitman
ASKER
most computers are off by 45 seconds. One is off by 3 minutes. When I tried to adjust it, I got the message it was being controlled by the Administrator. It is a Win 10 machine.
I did try to change the time on 2 other computers that are using the local CMOS and I was able to.
In addition, the Win 10 computer when I do a Network search it only displays the Domain servers. Do not know if this is related?
Your help has saved me hundreds of hours of internet surfing.
fblack61
J.R. Sitman
ASKER
below are some w32tm queries
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\g.wilson>w32tm /query /source
Local CMOS Clock
C:\Users\g.wilson>w32tm /query /status
Leap Indicator: 3(last minute has 61 seconds)
Stratum: 0 (unspecified)
Precision: -6 (15.625ms per tick)
Root Delay: 0.0000000s
Root Dispersion: 0.0000000s
ReferenceId: 0x00000000 (unspecified)
Last Successful Sync Time: unspecified
Source: Local CMOS Clock
Poll Interval: 10 (1024s)
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
W32tm documentaion link:
https://docs.microsoft.com/en-us/windows-server/networking/windows-time-service/windows-time-service-tools-and-settings