Hi, I want to set up a local (means network internal, reliable time source) on several DCs 2008 R2 of the root domain (Forest/Domain Level 2008 R2) I tried to follow settings at: http://support.microsoft.com/kb/816042/en-us - using manual steps - not using "Fix IT" - but no sync occurred! Q: what did I miss? Thanks in advance for any hints Edith

Hello EH1000, Ever considered a time server appliance? Cheers Miguel Fra / Falcon ITS Computer & Network Support, Miami, FL Visit our Knowledgebase Sharepoint Site

Hi Edith, There should be only one time source in one Forest. All DCs will get time from PDC. So you should perform the suggestions of KB816042 on PDC and run the command below on other DCs and member servers: w32tm /config /syncfromflags:domhier /update and net stop w32time && net start w32time If the result is still not expected, please help to collect the information below: W32tm /monitor >>w32tm.txt Post w32tm.txt here or send to tfwst@microsoft.com with thread title for research. Thanks.This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hello JM, thank you very much for your reply. Sorry, I did not describe my scenario correctly and therefore here my "argument" against: Scenario: Local reliable time source available (without depending on an internet source - see my original post). Now in detail: Root Domain: 2 DCs, same Subnet, same Router IPs and DNS configuration setup correctly. Both DCs configured to use the same local reliable time source. The possible cause of a sync failure could be a "general server/AD DS" problem and then again, if the PDC Emulator is mulfunctioning (means not available as Server or DC), then the domain members would sync with the remaining DC (not being a PDC Emulator) which in turn syncs with the local reliable time source. Question: In above scenario, can I configure both DCs to sync with a "local reliable time source" without any issues ? Edith

In theory you should not have any issues with the proposed design. However, the only concern that I would have is if all of the components are working properly for the clients, but either the PDC Emulator or the Second server are unable to sync their time with the local time server AND the time on one of the server's skews past 5 minutes, you could see issues on the network. Its probably low risk if you go with your design. I cant think of any other issues.Visit: anITKB.com, an IT Knowledge Base.

Hello Mervyn, thank you for your support. I will try with the command w32tm /config ..... and will report back. I have another question regarding this. I have 2 DCs and I know that the one with the PDC Emulator role is the one who should be using the external time source. But what happens if I configure the second DC as well to use the external time source, will it end up in a loops? I could not find anything on that searching MS sites. Why I am asking is, because of "fault torerance" I was asked to configure both DCs accordingly, which I think is not a too good idea, but I do not know the impacts and therefore cannot argument against that. Many thanks Edith

I would not recommend that scenario. You should only configure the PDC role to sync with a time source. Worst case scenario, if the PDC looses the ability to sync, it still remains as the authoritative time source for your domain members. If you have multiple servers sync'ing out, then you would expect time differences if some fail to sync. Keeping one server as the source is the recommended option. If you want to have the correct time in-house, without depending on an internet source, then purchasing a time appliance is a very good low cost option. Visit: anITKB.com, an IT Knowledge Base.

I agree with JM, there should be no problem. However, to achieve this "fault tolerance" goal, you have to manually configure every Domain clients time settings or create a GPO to configure clients time settings. Thanks.This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi, Do you need any other assistance? If there is anything we can do for you, please let us know. Thanks.This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hello Mervyn, sorry that I have been "away" for a while .. Why do I have to configure a GPO for domain clients time settings in ordet to achieve my "fault tolerant" goal? My undestanding is that all domain client will automatically sync it's time with any available DC in it's own domain. So if one of the 2 DCs fail (let's assume the PDC emulator), then they would sync automatically with the remaining DC - which in turn is configured to use a reliable time source. Thanks. Edith

Hi, Thank you for update. I review the post again, you understanding is correct, I think it’s OK to keep the default settings. If you have more questions in the future, you’re welcomed to this forum. Thanks.This posting is provided "AS IS" with no warranties, and confers no rights. Please remember to click "Mark as Answer" on the post that helps you, and to click "Unmark as Answer" if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi Mervyn, I still cannot sync the PDC Emulator time with external reliable time source. I have setup a test envirnment and my external time source is another windows server 2008 R2 (not being part of AD DS), configured as a time server. I finally applied "FIXIT" from KB816042, but when typing w32tm /resync /rediscover I get the error message that it could not sync " ... because no time data was available". I stopped and started the w32time service, i rebooted the machines etc. not chance to get the sync done. Maybe using another windows server 2008 R2 as a "reliable" external time source is the problem? Any advice would be greatly appriciated.