Authoritative Time Server not working
Hi, I promoted a member server to DC (Windows 2003 SP1) & then made it my PDM within the domain. The demoted PDC was the authoritative time server (Windows 2003 SP2) syncing with an external NTP server & all my client workstations & servers were syncing correctly throughout the domain.I made the registry changes exactly to what was described from the knowledge article linked below. I changed the old PDC to default registry configuration for the W32Time service.http://support.microsoft.com/kb/816042When I run NET TIME /DOMAIN:<domainname> command from a client workstation the result shows the current time from the PDC.If I change the time on the PDC the time will automatically sync after 15 minutes or so.
If I change the time on my second DC it reports the following event log entry after 15 mins or so.
Source: W32Time
Event ID: 38
The time provider NtpClient cannot reach or is currently receiving invalid time data from <My PDC> (ntp.d|<IP Address of the DC>:123-><IP Address of PDC>:123).
If I change the time on my client workstations they don’t report any event log entries at all & obviously are not syncing time. All these client workstations have NT5DS configured under HKEYLM\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type.
Any help with this problem will be greatly appreciated.
Thanks
January 28th, 2010 3:26am
This behavior will occur if a GPO (G roup P olicy O bject) for a Windows Time Service object is configured incorrectly.To fix this problem:
01. Start / Run / dsa.msc / OK .
02. Right-click the Domain Controllers container and press Properties .
03. Select the Group Policy tab.
04. Select the Default Domain Controllers Policy and press Edit . If GPMC is implemented, press Open first.
05. Expand Computer Configuration / Administrative Templates / System / Windows Time Service .
06. Right-click Global Configuration Settings and press Properties .
07. Select Not Configured .
08. Press Apply and OK .
09. Expand Windows Time Service .
10. Double-click Enable Windows NTP Client .
11. Select Not Configured .
12. Press Apply and OK .
13. Double-click Configure Windows NTP Client .
14. Select Not Configured .
15. Press Apply and OK .
16. Double-click Enable Windows NTP Server .
17. Select Not Configured .
18. Press Apply and OK .
19. Exit the Group Policy Editor .
20. Close any open policy dialog boxes.
21. Open a CMD.EXE window.
22. Type gpupdate /force and press Enter .
Network is my LOVE
Free Windows Admin Tool Kit Click here and download it now
January 28th, 2010 4:21pm
The Default Domain Controllers Policy GPO was not configured for the Windows Time Service. I have not used GPO’s in the past or in my current case to configure the W32Time Service for the domain.
When I use the net time \\<pdc> /querysntp command it returns the NTP Server I configured.
My problem is a little more complicated. Thanks for your reply. Anyone else got any other ideas?
I’m considering to restore the registry for the service back to default & then go through the KB article again.
January 29th, 2010 12:44am
Hi,
Firewall or other third party software may affect time sync. Please disable them all and test. If the issue persists, please try to monitor the process:
Download Microsoft Network Monitor. http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f&displaylang=en
1. Run Network Monitor and start capturing. 2. Try to run w32tm \resync to reproduce this problem.
Stop the capturing, save the result and and use Windows Live SkyDrive (http://www.skydrive.live.com/) to upload the file. If you would like other community member to analyze the report, you can paste the link here, if not, you can send the link to tfwst@microsoft.com.
Thanks.This posting is provided "AS IS" with no warranties, and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
February 4th, 2010 12:24pm