Fix:
Step 1 Locate the PDC Emulator.
1. On a domain controller, Click Start > Run > dsa.msc{Enter}
2. Expand AD Users and computers
3. Right click the domain > Operations Masters > PDC Tab
4. Take note of the PDC emulator’s name.
Step 2 Firewall config
1. Ensure UDP Port 123 is open outbound from the PDC Emulator.
Step 3 Configure the PDC Emulator to collect Reliable Time
1. On the PDC emulator Click Start > Run > cmd {Enter}
2. At command line type the following command,
w32tm /config /manualpeerlist:ntp2d.mcc.ac.uk /syncfromflags:manual /reliable:yes /update
Note: UK NTP Servers http://www.timetools.co.uk/info/ntp-servers-public/ntp-server-uk-stratum-2.htm
3. It should say "The command completed successfully."
4. Execute the following commands
net stop "windows time"
net start "windows time"
W32TM /resync
5. It should say "The command completed successfully."
6. Look in the servers Event log > System Log for Event ID 37
---------------------------------------------------------------
Event Type: Information
Event Source: W32Time
Event Category: None
Event ID: 37
Date: xx/xx/xxxx
Time: xx:xx:xx
User: N/A
Computer: {servername}
Description:
The time provider NtpClient is currently receiving valid time data from ntp2d.mcc.ac.uk (ntp.m|0x0|10.0.0.1:123->130.88.203.64:123).
For more
information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------------------
7. You may also see Event ID 35
---------------------------------------------------------------
Event Type: Information
Event Source: W32Time
Event Category: None
Event ID: 35
Date: xx/xx/xxxx
Time: xx:xx:xx
User: N/A
Computer: {servername}
Description:
The time service is now synchronizing the system time with the time source ntp2d.mcc.ac.uk (ntp.m|0x0|10.0.0.1:123->130.88.203.64:123).
For more
information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
---------------------------------------------------------------
Step 4 Check the domain clients.
1. Click Start > Run > cmd {enter}
2. Execute the following command
w32tm /monitor
3. You will see the time on all the domain controllers this client can see..
C:\Documents and Settings\Administrator.yourdomain>w32tm /monitor
server-dc.yourdomain.co.uk [192.168.1.1]:
ICMP: 0ms delay.
NTP: +363.2032725s offset from server-pdc.yourdomain.co.uk
RefID: server-pdc.yourdomain.co.uk [192.168.69.6]
site2-dc.yourdomain.co.uk [192.168.2.1]:
ICMP: 70ms delay.
NTP: +0.0470237s offset from server-pdc.yourdomain.co.uk
RefID: dc.yourdomain.co.uk [192.168.69.4]
serverdc2.yourdomain.co.uk [192.168.1.4]:
ICMP: 0ms delay.
NTP: +0.0000553s offset from server-pdc.yourdomain.co.uk
RefID: server-pdc.yourdomain.co.uk [192.168.1.6]
server-pdc.yourdomain.co.uk *** PDC *** [192.168.1.6]:
ICMP: 0ms delay.
NTP: +0.0000000s offset from server-pdc.yourdomain.co.uk
RefID: scarp.mc.man.ac.uk [130.88.203.64]
(In the case above the time on server-dc is way out address that first - it was a 2000 server and net time \\server-pdc {enter} fixed it).
4. Once all the domain controllers have a time that’s accurate (Like the last three in the example above), then proceed.
5. Execute the following commands
net stop "windows time"
net start "windows time"
w32tm /resync
6. The Machines event log should log the following successful events
Event ID 37 (The time provider NtpClient is currently receiving valid time data from..).
Event ID 38 (The time provider NtpClient is currently receiving valid time data from..).
|
