Forum Search:
Forum.Brain-Cluster.com: Brain Cluster Technical Forum
Ultimate forum for Technical Discussions

Home » Microsoft » Windows Server » Active Directory » Pushing NTP settings down to XP Clients
Pushing NTP settings down to XP Clients [message #390329] Fri, 12 February 2010 14:16 Go to next message
Charles Buege  is currently offline Charles Buege
Messages: 3
Registered: February 2010
Junior Member
Everyone -

I'm trying to get my client machines to update their SNTP settings
to be not set for time.microsoft.com. The one I'm trying to use is
a military time server.

We've had an ongoing problem where people's times would set
themselves back about 5 minutes randomly throughout the day and this
is getting in the way for a number of reasons (people late to
appointments, collecting test data, etc.).

So, what I want to try to do is force a chance to all of the SNTP
servers. Does anyone have any suggestions other than this one?
I'll take any and all suggestions anyone has!! Either post here or
e-mail me!!

Thanks in advance,
Charlie


--
--------------------------------- --- -- -
Posted with NewsLeecher v4.0 Beta 12
Web @ http://www.newsleecher.com/?usenet
------------------- ----- ---- -- -
Re: Pushing NTP settings down to XP Clients [message #390362 is a reply to message #390329] Fri, 12 February 2010 14:48 Go to previous messageGo to next message
RCan  is currently offline RCan  Germany
Messages: 248
Registered: January 2010
Senior Member
Hi Charles,

NTP cannot be "published" in that way. Also I wouldn't let "talk" each
client with an external NTP server cause it generates unneccessary traffic
there. You should should sync one server/client - ideally your DC - and
point the others to it.

This can be configured via registry settings or via command line.

that should work here :
w32tm /config /syncfromflags:manual /manualpeerlist:your.ntp.fqdn
w32tm /config /update

How to configure an authoritative time server in Windows Server
http://support.microsoft.com/kb/816042

Windows Time Service and Internet Communication
http://technet.microsoft.com/en-us/library/cc779145%28WS.10% 29.aspx

if you have a domain environment the clients will automatically sync their
time with the DC - which is good in that case. Just configure on the DC an
external NTP server which does sync himself and you will have a well "timed"
environment ;-)

Regards
Ramazan

"Charles Buege" <cbuege@moreycorp.com> wrote in message
news:16KdnZ4-Q4qwWOjWnZ2dnUVZ_qhi4p2d@giganews.com...
> Everyone -
>
> I'm trying to get my client machines to update their SNTP settings
> to be not set for time.microsoft.com. The one I'm trying to use is
> a military time server.
>
> We've had an ongoing problem where people's times would set
> themselves back about 5 minutes randomly throughout the day and this
> is getting in the way for a number of reasons (people late to
> appointments, collecting test data, etc.).
>
> So, what I want to try to do is force a chance to all of the SNTP
> servers. Does anyone have any suggestions other than this one?
> I'll take any and all suggestions anyone has!! Either post here or
> e-mail me!!
>
> Thanks in advance,
> Charlie
>
>
> --
> --------------------------------- --- -- -
> Posted with NewsLeecher v4.0 Beta 12
> Web @ http://www.newsleecher.com/?usenet
> ------------------- ----- ---- -- -
>
Re: Pushing NTP settings down to XP Clients [message #390608 is a reply to message #390329] Fri, 12 February 2010 23:29 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello Charles,

If you talk about domain machines, then the domain controllers will sync
with the DC that has the PDCEmulator FSMO and all other domain members will
sync with an available DC. That's the default mechanism in a domain, where
all machines must have the same time.

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> Everyone -
>
> I'm trying to get my client machines to update their SNTP settings to
> be not set for time.microsoft.com. The one I'm trying to use is a
> military time server.
>
> We've had an ongoing problem where people's times would set themselves
> back about 5 minutes randomly throughout the day and this is getting
> in the way for a number of reasons (people late to appointments,
> collecting test data, etc.).
>
> So, what I want to try to do is force a chance to all of the SNTP
> servers. Does anyone have any suggestions other than this one? I'll
> take any and all suggestions anyone has!! Either post here or e-mail
> me!!
>
> Thanks in advance,
> Charlie
Re: Pushing NTP settings down to XP Clients [message #391869 is a reply to message #390362] Mon, 15 February 2010 07:48 Go to previous messageGo to next message
Charles Buege  is currently offline Charles Buege
Messages: 3
Registered: February 2010
Junior Member
Ramazan -

That's kinda what I figured as well. Here's the issue, though, and
if anyone else wants to throw in their two cents, please feel free!!

What we're having happen is that, periodically through the day,
people's clocks are being pushed back 5 minutes then they will
slowly (over a day or two) sync back up. They'll be fine for a
while then go out of sync again. I can't find any correlation
between the two.

I've checked the machines themselves in case it is a CMOS battery
issue, but that doesn't seem to be the case. I've got our primary
domain controller trying to do the time syncrinization, but that
doesn't seem to keep it synced.

Anyone have any other suggestions as to what I could do to get this
working? If it is helpful, I will post the registry settings that I
added to our domain controller for time sync but I wanted to see if
anyone else had encountered a similar problem first before I put all
that up.

Thanks,
Charlie


--
--------------------------------- --- -- -
Posted with NewsLeecher v4.0 Beta 13
Web @ http://www.newsleecher.com/?usenet
------------------- ----- ---- -- -
Re: Pushing NTP settings down to XP Clients [message #392534 is a reply to message #391869] Tue, 16 February 2010 02:41 Go to previous messageGo to next message
Jonathan de Boyne Pol  is currently offline Jonathan de Boyne Pol  United Kingdom
Messages: 232
Registered: January 2010
Senior Member
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<blockquote cite="mid:Dd6dnejf4bRXw-TWnZ2dnUVZ_gti4p2d@giganews.com"
type="cite">
<p wrap="">What we're having happen is that, periodically through the
day, people's clocks are being pushed back 5 minutes then they will
slowly (over a day or two) sync back up. <br>
</p>
</blockquote>
<p>Hypothesis #1 (that you need to test for): <em>Something else</em>,
not the Windows Time Service, is setting the clocks back by five
minutes, and it's WTS that is bringing them into line again.&nbsp; Are those
machines running some program or script that messes with their clocks?&nbsp;
Do the accounts of the people logging on to those machines have the
requisite privileges that enable them to mess with the clock?<br>
</p>
<p>Hypothesis #2 (that you need to test for): You actually have two
time synchronization hierarchies, rather than the default WTS
configuration (which is a single hierarchy with the PDCE at the apex),
and for some bizarre reason one hierarchy is 5 minutes behind the other.<br>
</p>
</body>
</html>
Re: Pushing NTP settings down to XP Clients [message #392599 is a reply to message #392534] Tue, 16 February 2010 06:55 Go to previous messageGo to next message
Charles Buege  is currently offline Charles Buege
Messages: 3
Registered: February 2010
Junior Member
More info in my ongoing saga....

Okay, now after doing more looking, it appears that one of the DC's
(SERVER002) for my AD, a Windows 2003 server, is the machine running
about 5 minutes behind. All of my other servers are running the
right time and getting it off of one of my other DCs (SERVER003).

How can I check to see where SERVER002 is getting its time
information from? If I do a net time /querysntp from SERVER002 and
from SERVER003, I get the same response:
tock.usno.navy.mil,0x1

Could SERVER002 be resetting itself to a BIOS clock possibly? I
don't have any atomic clock programs or such running on the
machines. The servers are both IBM Blade Servers, model HS21 in
case that helps with any ideas.

Thanks,
Charlie


--
--------------------------------- --- -- -
Posted with NewsLeecher v4.0 Beta 13
Web @ http://www.newsleecher.com/?usenet
------------------- ----- ---- -- -
Re: Pushing NTP settings down to XP Clients [message #392616 is a reply to message #392599] Tue, 16 February 2010 07:10 Go to previous messageGo to next message
meiweb  is currently offline meiweb  Germany
Messages: 2225
Registered: September 2009
Senior Member
Hello Charles,

Make sure to configure the DC WITH the PDCEmulator role to a valid time source:
w32tm /config /manualpeerlist:PEERS /syncfromflags:manual /reliable:yes /update

With "PEERS" you can set the time source, either DNS name (time.windows.com)
or an ip address from a reliable time source.

Here you can find some of them:
http://www.pool.ntp.org/

On all other domain machines run for resyncing:
w32tm /config /syncfromflags:domhier /update

After that run:
net stop w32time
net start w32time

Best regards

Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm


> More info in my ongoing saga....
>
> Okay, now after doing more looking, it appears that one of the DC's
> (SERVER002) for my AD, a Windows 2003 server, is the machine running
> about 5 minutes behind. All of my other servers are running the right
> time and getting it off of one of my other DCs (SERVER003).
>
> How can I check to see where SERVER002 is getting its time
> information from? If I do a net time /querysntp from SERVER002 and
> from SERVER003, I get the same response:
> tock.usno.navy.mil,0x1
> Could SERVER002 be resetting itself to a BIOS clock possibly? I don't
> have any atomic clock programs or such running on the machines. The
> servers are both IBM Blade Servers, model HS21 in case that helps with
> any ideas.
>
> Thanks,
> Charlie
Re: Pushing NTP settings down to XP Clients [message #392766 is a reply to message #392599] Tue, 16 February 2010 09:30 Go to previous messageGo to next message
Jonathan de Boyne Pol  is currently offline Jonathan de Boyne Pol  United Kingdom
Messages: 232
Registered: January 2010
Senior Member
>
>
> How can I check to see where SERVER002 is getting its time information
> from? If I do a net time /querysntp from SERVER002 and from SERVER003,
> I get the same response:
> tock.usno.navy.mil,0x1
>
That confirms hypothesis #2. You have multiple hierarchies.

> Could SERVER002 be resetting itself to a BIOS clock possibly?
>
It's more likely that it simply cannot talk to the NTP server that you
told it to talk to, hasn't ever been able to do so, and has just
drifted. It's time for you to read your server's logs.
Re: Pushing NTP settings down to XP Clients [message #393235 is a reply to message #392599] Tue, 16 February 2010 22:19 Go to previous message
aceman  is currently offline aceman  United States
Messages: 5816
Registered: July 2009
Senior Member
"Charles Buege" <cbuege@moreycorp.com> wrote in message
news:maKdnRgEXbVBPufWnZ2dnUVZ_uWgnZ2d@giganews.com...
> More info in my ongoing saga....
>
> Okay, now after doing more looking, it appears that one of the DC's
> (SERVER002) for my AD, a Windows 2003 server, is the machine running
> about 5 minutes behind. All of my other servers are running the
> right time and getting it off of one of my other DCs (SERVER003).
>
> How can I check to see where SERVER002 is getting its time
> information from? If I do a net time /querysntp from SERVER002 and
> from SERVER003, I get the same response:
> tock.usno.navy.mil,0x1
>
> Could SERVER002 be resetting itself to a BIOS clock possibly? I
> don't have any atomic clock programs or such running on the
> machines. The servers are both IBM Blade Servers, model HS21 in
> case that helps with any ideas.
>
> Thanks,
> Charlie
>
>
> --
> --------------------------------- --- -- -
> Posted with NewsLeecher v4.0 Beta 13
> Web @ http://www.newsleecher.com/?usenet
> ------------------- ----- ---- -- -
>


Run the following on each DC and post the results:

w32tm /monitor

And DO NOT USE the "net time" command. It is useless in a domain environment
because of the time hierarchy, as Jonathan indicated.

Time Hierarchy: Workstations get their time sync from the DC that logged
them on. If the DC that logged them on is not the PDC Emulator, it will get
its time from the PDC Emulator in the domain it is a DC of. If the PDC
Emulator is in a child domain, it will get its time sync from the PDC
Emulator in its parent domain, ultimately getting time sync from the PDC
Emulator in the forest root domain, which MUST be configured to an external
time source.

Read more about the time service, how to configure it, and how to
troubleshoot it in my blog, please. Some of the info was already posted by
Meinolf, RCan and Jonathan. I tried to provide a complete overall in one
blog on the time service. I hope you find it helpful.

And keep in mind, by default, the time hierarchy JUST WORKS. As Jonathan
mentioned, it appears something else is setting the time off but is
re-syncing from the DC that logged them on.

Configuring the Windows Time Service for Windows Server
http://msmvps.com/blogs/acefekay/archive/2009/09/18/configur ing-the-windows-time-service-for-windows-server.aspx


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE &
MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services

If you feel this is an urgent issue and require immediate assistance, please
contact Microsoft PSS directly. Please check http://support.microsoft.com
for regional support phone numbers.
Previous Topic:AD 2008 integrated RLZ
Next Topic:Restored Object (Computer) from AD Deleted Items gives Error of Duplicate Name on the Network! (Ad
Goto Forum:
  


Current Time: Tue Jan 23 16:26:37 MST 2018

Total time taken to generate the page: 0.15888 seconds
.:: Contact :: Home ::Sitemap::.

Powered by: FUDforum 3.0.0RC2.
Copyright ©2001-2009 FUDforum Bulletin Board Software