Mundy

IT Knowledge Base

User Tools

Site Tools


ntp_time_sync_in_windows_server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
ntp_time_sync_in_windows_server [2016/10/04 13:53]
Dan Mundy created
ntp_time_sync_in_windows_server [2018/04/09 09:56] (current)
Line 1: Line 1:
-Note for Hyper-V [http://​www.altaro.com/​hyper-v/​hyper-v-time-synchronization/​ this] is a good read. Suggests PDC syncs from Internet, BDCs sync from PDC, Hyper-V host syncs from PDC, all other VMs sync from host.+====== Hyper-V ====== 
 + 
 + 
 +Note for Hyper-V ​[[http://​www.altaro.com/​hyper-v/​hyper-v-time-synchronization/​|this]] is a good read. Suggests PDC syncs from Internet, BDCs sync from PDC, Hyper-V host syncs from PDC, all other VMs sync from host.
  
 Heaps of good info on NTP and AD: http://​msmvps.com/​blogs/​acefekay/​archive/​2009/​09/​18/​configuring-the-windows-time-service-for-windows-server.aspx Heaps of good info on NTP and AD: http://​msmvps.com/​blogs/​acefekay/​archive/​2009/​09/​18/​configuring-the-windows-time-service-for-windows-server.aspx
  
-== Set up NTP from the PDC ==+===== Set up NTP from the PDC =====
  
 The following commands are all you need to set up automatic time sync and force it to adjust right now: The following commands are all you need to set up automatic time sync and force it to adjust right now:
  
-<source lang=dos>+<code>
 w32tm /config /​manualpeerlist:​pool.ntp.org /​syncfromflags:​manual w32tm /config /​manualpeerlist:​pool.ntp.org /​syncfromflags:​manual
 w32tm /config /update w32tm /config /update
Line 13: Line 16:
 net start w32time net start w32time
 w32tm /resync /rediscover w32tm /resync /rediscover
-</source>+</code>
  
 Note: Only your PDC (to find it type '''​netdom /query fsmo'''​) should sync time from an external NTP server. All other servers and PCs on the domain should sync with the PDC, and this should be automatic, ie. nothing you need to do. Note: Only your PDC (to find it type '''​netdom /query fsmo'''​) should sync time from an external NTP server. All other servers and PCs on the domain should sync with the PDC, and this should be automatic, ie. nothing you need to do.
  
-== Troubleshooting ==+===== Troubleshooting ​=====
  
-Make sure UDP port 123 is permitted by your router, both inbound and outbound +  - Make sure UDP port 123 is permitted by your router, both inbound and outbound 
-Make sure the W32Time service is enabled and running (there was a known issue in SBS 2003 when Windows Server 2003 SP1 has been installed without also installing SBS 2003 SP1) +  ​- ​Make sure the W32Time service is enabled and running (there was a known issue in SBS 2003 when Windows Server 2003 SP1 has been installed without also installing SBS 2003 SP1) 
-Check the event logs +  ​- ​Check the event logs 
-Restart the w32time service on the local computer, the DC, and also the DC that is holding the PDC role +  ​- ​Restart the w32time service on the local computer, the DC, and also the DC that is holding the PDC role 
-[http://​technet.microsoft.com/​en-us/​library/​cc756625(v=ws.10).aspx Turn on time service logging] (w32tm /debug /enable /​file:​c:​\w32time.log /​size:​10000000 /​entries:​0-116) and restart the w32time service. Turn it off when you're done (w32tm /debug /disable)+  - [[http://​technet.microsoft.com/​en-us/​library/​cc756625(v=ws.10).aspx|Turn on time service logging]] (w32tm /debug /enable /​file:​c:​\w32time.log /​size:​10000000 /​entries:​0-116) and restart the w32time service. Turn it off when you're done (w32tm /debug /disable)
  
-== DHCP ==+===== DHCP =====
  
 Never set the time server in the logon script, as that requires Administrator rights on the workstations. Never set the time server in the logon script, as that requires Administrator rights on the workstations.
Line 33: Line 36:
 But if you want to have a fallback, rather than logon script, it's better to use DHCP. Just enter the IP address of the PDC in both option 004 and 042. But if you want to have a fallback, rather than logon script, it's better to use DHCP. Just enter the IP address of the PDC in both option 004 and 042.
  
-== Settings for DCs (other than the PDC), member servers, and domain computers ==+===== Settings for DCs (other than the PDC), member servers, and domain computers ​=====
  
 Nothing should be configured for NTP except the PDC. The following commands are for everything **except** the PDC. Nothing should be configured for NTP except the PDC. The following commands are for everything **except** the PDC.
Line 39: Line 42:
 Here's how to check whether it's set correctly. Run the following command, if it says NTP, it's wrong: Here's how to check whether it's set correctly. Run the following command, if it says NTP, it's wrong:
  
 +<​code>​
     U:\>reg query hklm\system\currentcontrolset\services\w32time\parameters     U:\>reg query hklm\system\currentcontrolset\services\w32time\parameters
     ​     ​
Line 47: Line 51:
     Type    REG_SZ ​   NTP     Type    REG_SZ ​   NTP
     NtpServer ​   REG_SZ ​   time.windows.com,​0x9     NtpServer ​   REG_SZ ​   time.windows.com,​0x9
 +</​code>​
  
 So change it: So change it:
  
 +<​code>​
     U:​\>​w32tm /config /​syncfromflags:​domhier /​reliable:​no /update     U:​\>​w32tm /config /​syncfromflags:​domhier /​reliable:​no /update
     The command completed successfully.     The command completed successfully.
Line 59: Line 65:
     The Windows Time service is starting.     The Windows Time service is starting.
     The Windows Time service was started successfully.     The Windows Time service was started successfully.
 +</​code>​
  
 Now it's right because it says NT5DS: Now it's right because it says NT5DS:
  
 +<​code>​
     U:\>reg query hklm\system\currentcontrolset\services\w32time\parameters     U:\>reg query hklm\system\currentcontrolset\services\w32time\parameters
     ​     ​
Line 70: Line 78:
     Type    REG_SZ ​   NT5DS     Type    REG_SZ ​   NT5DS
     NtpServer ​   REG_SZ ​   time.windows.com,​0x9     NtpServer ​   REG_SZ ​   time.windows.com,​0x9
 +</​code>​
  
 If you get an error message that it can't find a DC, try resetting the time service back to default: If you get an error message that it can't find a DC, try resetting the time service back to default:
  
 +<​code>​
  net stop w32time  net stop w32time
  w32tm /unregister  w32tm /unregister
  w32tm /register  w32tm /register
  net start w32time  net start w32time
 +</​code>​
ntp_time_sync_in_windows_server.txt · Last modified: 2018/04/09 09:56 (external edit)