Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » using outside NTP server
using outside NTP server [message #159921] Wed, 12 August 2009 14:00 Go to next message
CNews  is currently offline CNews  United States
Messages: 8
Registered: August 2009
Junior Member
In a single forest/domain with 50 clients 3 DCs 2 sites Is it within best
practices to set all members of this domain
to use an outside ntp server as opposed to the PDC emulator?
I was thinking of doing this in GP. Reasi\on is our PDC emulator is at
another site anyway and has been down a few times in the last month

Regrads

Catra
RE: using outside NTP server [message #159926 is a reply to message #159921] Wed, 12 August 2009 16:11 Go to previous messageGo to next message
Garry Starck-MCITP En  is currently offline Garry Starck-MCITP En
Messages: 69
Registered: July 2009
Member
Hello CNEWS

Windows 2003 Forest: No matter how many domains are in a forest, alsway set
the root domains PDC emulator to use an external NTP source, all other DC's
will use w32time, not NTP to sync via the domain heircarcy. You can also set
the Root PDCE to use it's internal clock (Hardware) as the source. Hoever, if
the motherboard ever gets replaced and in 2 years etc out of whack with the
real time, you may run into some issues remembering that tombstone lifetime
by default in Windows 2003 AD is 60 days. You could also acquire some kind of
atomic time keeping devicse, I still prefer outside NTP time source

Are you running 2003, and at what function levels (domain/forest)?

--
Garry Starck
MCITP Enterprise Administrator, MCTS AD, MCSE 2003 Messaging, MCDBA


"CNews" wrote:

> In a single forest/domain with 50 clients 3 DCs 2 sites Is it within best
> practices to set all members of this domain
> to use an outside ntp server as opposed to the PDC emulator?
> I was thinking of doing this in GP. Reasi\on is our PDC emulator is at
> another site anyway and has been down a few times in the last month
>
> Regrads
>
> Catra
>
>
>
RE: using outside NTP server [message #159927 is a reply to message #159921] Wed, 12 August 2009 16:14 Go to previous messageGo to next message
Garry Starck-MCITP En  is currently offline Garry Starck-MCITP En
Messages: 69
Registered: July 2009
Member
Sorry, forgot to add an articale: http://support.microsoft.com/kb/816042
--
Garry Starck
MCITP Enterprise Administrator, MCTS AD, MCSE 2003 Messaging, MCDBA


"CNews" wrote:

> In a single forest/domain with 50 clients 3 DCs 2 sites Is it within best
> practices to set all members of this domain
> to use an outside ntp server as opposed to the PDC emulator?
> I was thinking of doing this in GP. Reasi\on is our PDC emulator is at
> another site anyway and has been down a few times in the last month
>
> Regrads
>
> Catra
>
>
>
Re: using outside NTP server [message #159942 is a reply to message #159926] Wed, 12 August 2009 19:58 Go to previous messageGo to next message
CNews  is currently offline CNews  United States
Messages: 8
Registered: August 2009
Junior Member
This is just a 2003 Domain -very basic


"Garry Starck-MCITP Enterprise Admin"
<vjsparx@REMOVE_CAPS_INVALIDhotmail.com> wrote in message
news:0477FD24-9358-4E2F-8A2F-C0B9FA797357@microsoft.com...
> Hello CNEWS
>
> Windows 2003 Forest: No matter how many domains are in a forest, alsway
> set
> the root domains PDC emulator to use an external NTP source, all other
> DC's
> will use w32time, not NTP to sync via the domain heircarcy. You can also
> set
> the Root PDCE to use it's internal clock (Hardware) as the source. Hoever,
> if
> the motherboard ever gets replaced and in 2 years etc out of whack with
> the
> real time, you may run into some issues remembering that tombstone
> lifetime
> by default in Windows 2003 AD is 60 days. You could also acquire some kind
> of
> atomic time keeping devicse, I still prefer outside NTP time source
>
> Are you running 2003, and at what function levels (domain/forest)?
>
> --
> Garry Starck
> MCITP Enterprise Administrator, MCTS AD, MCSE 2003 Messaging, MCDBA
>
>
> "CNews" wrote:
>
>> In a single forest/domain with 50 clients 3 DCs 2 sites Is it within best
>> practices to set all members of this domain
>> to use an outside ntp server as opposed to the PDC emulator?
>> I was thinking of doing this in GP. Reasi\on is our PDC emulator is at
>> another site anyway and has been down a few times in the last month
>>
>> Regrads
>>
>> Catra
>>
>>
>>
Re: using outside NTP server [message #159943 is a reply to message #159921] Wed, 12 August 2009 20:55 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"CNews" <cnews@anywhere.com> wrote in message
news:%23YN7Hc4GKHA.3736@TK2MSFTNGP04.phx.gbl...
> In a single forest/domain with 50 clients 3 DCs 2 sites Is it within best
> practices to set all members of this domain
> to use an outside ntp server as opposed to the PDC emulator?
> I was thinking of doing this in GP. Reasi\on is our PDC emulator is at
> another site anyway and has been down a few times in the last month
>
> Regrads
>
> Catra
>


Best practice would indicate to use the default method, that's using the PDC
Emulator. The only thing you would have to configure is the time source on
the PDC Emulator to an outside source, and opening UDP 123 to the PDC
Emulator. I wouldn't suggest to open the whole network to inbound UDP 123. .

My suggestion is to leave the time service alone, and get to the root of why
the DC keeps going down, because that would cause more serious issues, too
many to mention here, if you lose that machine.

--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum to benefit from collaboration
among responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA Messaging
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
Re: using outside NTP server [message #159944 is a reply to message #159921] Wed, 12 August 2009 21:08 Go to previous messageGo to next message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"CNews" <cnews@anywhere.com> wrote in message
news:%23YN7Hc4GKHA.3736@TK2MSFTNGP04.phx.gbl...
> In a single forest/domain with 50 clients 3 DCs 2 sites Is it within best
> practices to set all members of this domain
> to use an outside ntp server as opposed to the PDC emulator?
> I was thinking of doing this in GP. Reasi\on is our PDC emulator is at
> another site anyway and has been down a few times in the last month
>
> Regrads
>
> Catra
>


It appears this is related to your other post concerning the bad DC.I hope
you can get that back up and running. But stick to the default time service.
For your size network, it's not work trying to go against the way the
default time service works. Let's get the DC back up and running...

Ace
Re: using outside NTP server [message #159947 is a reply to message #159921] Wed, 12 August 2009 23:22 Go to previous message
meiweb(nospam)  is currently offline meiweb(nospam)  Germany
Messages: 1307
Registered: July 2009
Senior Member
Hello Cnews,

In a domain the DC with the PDCemulator is the time source for the rest of
the domain, all DCs sync with it and member servers and workstations synz
with one available DC. So do not configure other time sources for domain
members.

PDCEmulator:

w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update

With "PEERS" you can set the time source, either DNS name (time.windows.com)
or an ip address from a reliable time source.

Here you can find some of them:
http://www.pool.ntp.org/



Client configuration:
To configure a client computer for automatic domain time synchronization

w32tm /config /syncfromflags:domhier /update

After that run:
net stop w32time
net start w32time

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> In a single forest/domain with 50 clients 3 DCs 2 sites Is it within
> best
> practices to set all members of this domain
> to use an outside ntp server as opposed to the PDC emulator?
> I was thinking of doing this in GP. Reasi\on is our PDC emulator is
> at
> another site anyway and has been down a few times in the last month
> Regrads
>
> Catra
>
Previous Topic:Share printers in 2003 domain
Next Topic:the server is not operational
Goto Forum:
  


Current Time: Wed Jan 17 04:15:30 MST 2018

Total time taken to generate the page: 0.03633 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software