PeteNetLive - KB0000112


	KB	0000112
	Dated	10/11/09
	Revision	0.01

Event ID	Title
12 22 29 36 38 47 50	W32 Time Time Provider NtpClient: This machine is configured.. The time provider NtpServer encountered an error while digitally.. The time provider NtpClient is configured to acquire time from one or.. The time service has not synchronized the system time for 86400.. The time provider NtpClient cannot reach or is currently receiving invalid.. Time Provider NtpClient: No valid response has been received from.. The time service detected a time difference of greater than 5000..
Cause: Misc Domain timing problems run through the steps below Problem Events - On the PDC Emulator Event ID 12 (W32 Time Time Provider NtpClient: This machine is configured to use {text omitted}, but it is the PDC emulator...). Event ID 29 (The time provider NtpClient is configured to acquire time from one or more time sources...). Event ID 36 (The time service has not synchronized the system time for 86400 seconds...). Event ID 38 (The time provider NtpClient cannot reach or is currently receiving invalid time data from...). Event ID 47 (Time Provider NtpClient: No valid response has been received from manually configured peer...). Problem Events - On Domain Members Event ID 50 (The time service detected a time difference of greater than 5000 milliseconds for 900 seconds...). Event ID 22 (The time provider NtpServer encountered an error while digitally signing the NTP response for peer...).
Fix: Step 1 Locate the PDC Emulator. 1. On a domain controller, Click Start > Run > dsa.msc{Enter} 2. Expand AD Users and computers 3. Right click the domain > Operations Masters > PDC Tab 4. Take note of the PDC emulator’s name. Step 2 Firewall config 1. Ensure UDP Port 123 is open outbound from the PDC Emulator. Step 3 Configure the PDC Emulator to collect Reliable Time 1. On the PDC emulator Click Start > Run > cmd {Enter} 2. At command line type the following command, w32tm /config /manualpeerlist:ntp2d.mcc.ac.uk /syncfromflags:manual /reliable:yes /update Note: UK NTP Servers http://www.timetools.co.uk/info/ntp-servers-public/ntp-server-uk-stratum-2.htm 3. It should say "The command completed successfully." 4. Execute the following commands net stop "windows time" net start "windows time" W32TM /resync 5. It should say "The command completed successfully." 6. Look in the servers Event log > System Log for Event ID 37 --------------------------------------------------------------- Event Type: Information Event Source: W32Time Event Category: None Event ID: 37 Date: xx/xx/xxxx Time: xx:xx:xx User: N/A Computer: {servername} Description: The time provider NtpClient is currently receiving valid time data from ntp2d.mcc.ac.uk (ntp.m\|0x0\|10.0.0.1:123->130.88.203.64:123). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. --------------------------------------------------------------- 7. You may also see Event ID 35 --------------------------------------------------------------- Event Type: Information Event Source: W32Time Event Category: None Event ID: 35 Date: xx/xx/xxxx Time: xx:xx:xx User: N/A Computer: {servername} Description: The time service is now synchronizing the system time with the time source ntp2d.mcc.ac.uk (ntp.m\|0x0\|10.0.0.1:123->130.88.203.64:123). For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. --------------------------------------------------------------- Step 4 Check the domain clients. 1. Click Start > Run > cmd {enter} 2. Execute the following command w32tm /monitor 3. You will see the time on all the domain controllers this client can see.. C:\Documents and Settings\Administrator.yourdomain>w32tm /monitor server-dc.yourdomain.co.uk [192.168.1.1]: ICMP: 0ms delay. NTP: +363.2032725s offset from server-pdc.yourdomain.co.uk RefID: server-pdc.yourdomain.co.uk [192.168.69.6] site2-dc.yourdomain.co.uk [192.168.2.1]: ICMP: 70ms delay. NTP: +0.0470237s offset from server-pdc.yourdomain.co.uk RefID: dc.yourdomain.co.uk [192.168.69.4] serverdc2.yourdomain.co.uk [192.168.1.4]: ICMP: 0ms delay. NTP: +0.0000553s offset from server-pdc.yourdomain.co.uk RefID: server-pdc.yourdomain.co.uk [192.168.1.6] server-pdc.yourdomain.co.uk * PDC * [192.168.1.6]: ICMP: 0ms delay. NTP: +0.0000000s offset from server-pdc.yourdomain.co.uk RefID: scarp.mc.man.ac.uk [130.88.203.64] (In the case above the time on server-dc is way out address that first - it was a 2000 server and net time \\server-pdc {enter} fixed it). 4. Once all the domain controllers have a time that’s accurate (Like the last three in the example above), then proceed. 5. Execute the following commands net stop "windows time" net start "windows time" w32tm /resync 6. The Machines event log should log the following successful events Event ID 37 (The time provider NtpClient is currently receiving valid time data from..). Event ID 38 (The time provider NtpClient is currently receiving valid time data from..).
Problems Error "The computer did not resync because no time data was available." If the server cannot resolve the name or UDP 123 is NOT open outbound you will see this error. Also see http://www.msfn.org/board/lofiversion/index.php/t67060.html