Veaam Backup and Replication

  KB 0000112
  Dated 30/05/12
  Revision 2.02
   

Windows - Setting Domain Time

Event ID's 12, 22, 29, 36, 38, 47, and 50
 

Problem
If you have arrived here, you have either noticed that the time is wrong on your server(s) or client PC(s), or you have looked in the event viewer and seen one of the following events being logged. Event ID's 12, 22, 29, 36, 38, 47, and 50.
12
22
29
36
38
47
50		 W32 Time Time Provider Ntp Client: This machine is configured..
The time provider NtpServer encountered an error while digitally..
The time provider NtpClient is configured to acquire time from one or..
The time service has not synchronized the system time for 86400..
The time provider NtpClient cannot reach or is currently receiving invalid..
Time Provider NtpClient: No valid response has been received from..
The time service detected a time difference of greater than 5000..

Time Problem Events - On the PDC Emulator

Event ID 12 (W32 Time Time Provider NtpClient: This machine is configured to use {text omitted}, but it is the PDC emulator...).
Event ID 29 (The time provider NtpClient is configured to acquire time from one or more time sources...).
Event ID 36 (The time service has not synchronized the system time for 86400 seconds...).
Event ID 38 (The time provider NtpClient cannot reach or is currently receiving invalid time data from...).
Event ID 47 (Time Provider NtpClient: No valid response has been received from manually configured peer...).

Time Problem Events - On Domain Members

Event ID 50 (The time service detected a time difference of greater than 5000 milliseconds for 900 seconds...).
Event ID 22 (The time provider NtpServer encountered an error while digitally signing the NTP response for peer...).

Solution

Step 1 Locate the PDC Emulator

1. On a domain controller, Click Start > Run > dsa.msc {Enter}.
2. Expand AD Users and computers.
3. Right click the domain > Operations Masters > PDC Tab.
4. Take note of the PDC emulator’s name.

Step 2 Firewall config

1. Ensure UDP Port 123 is open outbound from the PDC Emulator. How this is done will vary depending on your firewall vendor. If you have a Cisco ASA or a Cisco PIX see my article here.

Step 3 Configure the PDC Emulator to collect Reliable Time

1. On the PDC emulator Click Start > Run > cmd {Enter}.
2. At command line execute the following commands;

Note: If you are NOT in the UK or simply want to use a different NTP time server go here for alternatives.

3. Look in the servers Event log > System Log for Event ID 37.

Event ID 37 Client

---------------------------------------------------------------
Event Type: Information
Event Source: W32Time
Event Category: None
Event ID: 37
Date: xx/xx/xxxx
Time: xx:xx:xx
User: N/A
Computer: {servername}
Description:
The time provider NtpClient is currently receiving valid time data from ntp2d.mcc.ac.uk (ntp.m|0x0|10.0.0.1:123->130.88.203.64:123).

For more
information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------------------

4. You will also see Event ID 35.

Event ID 35 Server

---------------------------------------------------------------
Event Type: Information
Event Source: W32Time
Event Category: None
Event ID: 35
Date: xx/xx/xxxx
Time: xx:xx:xx
User: N/A
Computer: {servername}
Description:
The time service is now synchronizing the system time with the time source ntp2d.mcc.ac.uk (ntp.m|0x0|10.0.0.1:123->130.88.203.64:123).

For more
information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------------------

Step 4 Check the domain clients

1. Click Start > Run > cmd {enter}.
2. Execute the following command

3. You will see the time this client can see, on all the domain controllers.

C:\Documents and Settings\Administrator.yourdomain>w32tm /monitor
server-dc.yourdomain.co.uk [192.168.1.1]:
ICMP: 0ms delay.
NTP: +363.2032725s offset from server-pdc.yourdomain.co.uk
RefID: server-pdc.yourdomain.co.uk [192.168.69.6]
site2-dc.yourdomain.co.uk [192.168.2.1]:
ICMP: 70ms delay.
NTP: +0.0470237s offset from server-pdc.yourdomain.co.uk
RefID: dc.yourdomain.co.uk [192.168.69.4]
serverdc2.yourdomain.co.uk [192.168.1.4]:
ICMP: 0ms delay.
NTP: +0.0000553s offset from server-pdc.yourdomain.co.uk
RefID: server-pdc.yourdomain.co.uk [192.168.1.6]
server-pdc.yourdomain.co.uk *** PDC *** [192.168.1.6]:
ICMP: 0ms delay.
NTP: +0.0000000s offset from server-pdc.yourdomain.co.uk
RefID: scarp.mc.man.ac.uk [130.88.203.64]

(In the case above the time on server-dc is way out, address that first - it was a Windows 2000 server and running "net time \\server-pdc" {enter} fixed it).

4. Once all the domain controllers have a time that’s accurate (like the last three in the example above), then proceed.

5. Execute the following commands on a client machine;

6. The machines event log should show the following successful events;

Event ID 37 (The time provider NtpClient is currently receiving valid time data from..).

Event ID 37 Client

Event ID 35 (The time provider NtpClient is currently receiving valid time data from..).

Event ID 35 Client

 

Problems

Error "The computer did not resync because no time data was available."
This happens if the server cannot resolve the name or UDP 123 is NOT open outbound.

If you are SURE that the NTP port is not being blocked by a firewall, then the next most likely cause is, this machine is having its time provider altered by group policy. Make sure within the following policy;

All the entries are set to "Not Configured" (after altering the policy don't forget to run "gpupdate /force" on the client), then repeat the process above.
References - Credits - Or External Links

Cisco ASA - Configuring for NTP

Original article written 10/11/09