I have a Windows Hyper-V network. I have 2 domain controllers; both are VMs. DC1 runs on Host01 and DC2 runs on Host02.
On each Domain Controller:
w32tm /query /source returns VM IC Time Synchronization Provider.
On each Host:
w32tm /query /source returns the name of the domain controller.
So the VMs are looking at the host as its NTP source, and the hosts are looking to the VMs as their NTP source. Obviously not good. I can change the Domain Controllers to look at an external NTP server as their time source - OR - I can change the Host to look at an external NTP Server.
What's best practice and pros/cons of one or the other?
I'm leaning towards having the Domain Controllers query an external time server since by default, all of the computers on the network would sync their time with the DCs anyway. This would include the hosts and all other servers as well as all of the workstations.
I read somewhere that there is a potential issue where the VM will revert back to 'VM IC Time Sync' as the source. Has anyone experienced this? I don't mind rechecking this from time to time but if something causes the NTP server to be reset then I'd like to know why, and how to prevent it.
If I edit the Hyper-V properties for the Domain Controller VM and uncheck Integration Services > Time Synchronization that changes the VM's /query /source to Local CMOS Clock. Mentioning this because whether the VM's Hyper-V Time Sync setting is checked or unchecked, I'd like the source to always be an External NTP server that I specify.
