Workstation time not staying synced with domain controller
Our network is made up of Windows XP Pro x86 workstations attached to a Windows Server 2008 x64 read-only domain controller. We have found that the time on our workstations is not staying synced with the RODC, and the RODC is not staying synced with the writable DC's. We don't find any errors in the system or application logs relating to time, and the command net time /set does work to sync up the time, but it will get out of sync again a few days later. Are their firewall ports that need to be opened for time? Any other suggestions on what I should check into?
December 14th, 2009 5:46pm
Yes, you'll need to let port 123 UDP through firewall. Also Ryan's blog may be helpful.http://blogs.msdn.com/w32time/default.aspxRegards,
Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows]
Free Windows Admin Tool Kit Click here and download it now
December 14th, 2009 6:20pm
Dave - Thanks! That document pointed me in the right direction.
December 14th, 2009 9:25pm
Good to hear and you're welcome.Regards,
Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows]
Free Windows Admin Tool Kit Click here and download it now
December 14th, 2009 9:27pm
Well, I finally found my solution, which had nothing to do with anything I had read so far. In my original post, I left out the fact that all of my domain controllers are virtual servers running on Hyper-V. My problem was being caused by the virtual syncing with the physical host because the Time Synchronization service was selected in the integrated services settings for the VM. Once I removed that service, the DC's began syncing with the PDC properly. Still, the info Dave provides is excellent info.
December 15th, 2009 4:36pm
Thanks for writing back.Regards,
Dave Patrick ....
Microsoft Certified Professional
Microsoft MVP [Windows]
Free Windows Admin Tool Kit Click here and download it now
December 16th, 2009 6:55am