Line 34: | Line 34: | ||
w32tm /query /configuration | w32tm /query /configuration | ||
+ | |||
+ | == External Time Source GPO == | ||
+ | The PDC Emulator FSMO role is critical because it it the time source for the rest of the devices on the domain. | ||
+ | In the event that your PDC goes down, you will likely transfer or seize the role onto another Domain Controller. | ||
+ | The problem with this is the new DC was most likely never configured for an external time source. The solution is to create a Group Policy object that sets the external NTP settings, and create a WMI filter that applies this GPO to only the PDCs within the domain. | ||
+ | |||
+ | === WMI Filter === | ||
+ | SELECT * FROM Win32_ComputerSystem WHERE DomainRole = 5 | ||
+ | |||
+ | |||
+ | === GPO === | ||
+ | Link the following GPO to the Domain Controllers OU. | ||
+ | Computer Configuration\Policies\Administrative Templates\System\Windows Time Service\Time Providers | ||
+ | *Configure Windows NTP Client | ||
+ | **NTP Server: us.pool.ntp.org,0x1 | ||
+ | **Type: NTP | ||
+ | **EventLogFlags: 3 | ||
+ | *Enable Windows NTP Server = Enabled | ||
Revision as of 19:48, 30 September 2013
Contents
Windows 2003 & XP
Stop the Windows Time service
net stop w32time
Force a resync
w32tm /resync
Set the time source
net time /setsntp:<Time_Source>
View the current time source
net time /querysntp
Note: In most cases you dont need to stop the w32time service anymore.
Windows 2008 & 2012 Server
Stop the W32Time service:
net stop w32time
Configure the external time sources:
w32tm /config /syncfromflags:manual /manualpeerlist:'0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org'
Make your PDC a reliable time source for the clients:
w32tm /config /reliable:yes
Start the w32time service:
net start w32time
The windows time service should begin synchronizing the time.
Check the external NTP servers in the time configuration by typing:
w32tm /query /configuration
External Time Source GPO
The PDC Emulator FSMO role is critical because it it the time source for the rest of the devices on the domain. In the event that your PDC goes down, you will likely transfer or seize the role onto another Domain Controller. The problem with this is the new DC was most likely never configured for an external time source. The solution is to create a Group Policy object that sets the external NTP settings, and create a WMI filter that applies this GPO to only the PDCs within the domain.
WMI Filter
SELECT * FROM Win32_ComputerSystem WHERE DomainRole = 5
GPO
Link the following GPO to the Domain Controllers OU. Computer Configuration\Policies\Administrative Templates\System\Windows Time Service\Time Providers
- Configure Windows NTP Client
- NTP Server: us.pool.ntp.org,0x1
- Type: NTP
- EventLogFlags: 3
- Enable Windows NTP Server = Enabled