2

Something is setting (the incorrect) time on our network- though I don't know what it is (since we have approx 40 servers). We run on a windows network, with AD etc. Not sure where to even begin to start looking- as far as I know, we don't run an NTP server in house.

Any advice?

Thanks

AliGibbs
  • 2,323
  • 21
  • 34

4 Answers4

5

  • Ad serves as NTP like service intern for clients, and the AD PDC emulator is the time source for all AD systems.

  • So, start checking on the AD PDC Emulator - it is the time source on your network.

  • Adjust there. Pray it is forward (time lags) as anything else is nasty in active directory.

  • Adjust on servers after that.

TomTom
  • 51,649
  • 7
  • 54
  • 136
  • 3
    +1. You can identify which server(s) hold which FSMO roles using the steps described in this article. http://support.microsoft.com/kb/324801 – jscott May 10 '10 at 13:19
  • Time is running slowly, found the AD PDC Emulator and changed the time there. How long should it take to replicate to all clients? – AliGibbs May 10 '10 at 13:22
  • 1
    Depends how much you changed it. A restart should fix them NOW. – TomTom May 10 '10 at 14:01
  • 1
    You can also force it: `w32tm /resync` http://technet.microsoft.com/en-us/library/bb491016.aspx – jscott May 10 '10 at 14:37
1

All members workstations and servers in the domain syncs their time to the machine having the PDC emulator role (usually the first DC in your AD), chances are that the PDC does not have a correct time, you may want to make it sync to an external ntp stratum 2 server matching your zone.

Maxwell
  • 5,076
  • 1
  • 26
  • 31
0

Yes, I had the same problem. Your DC sets the time for all member servers.

You need this for Kerberos to work properly, so you should sync to a proper government or university run NTP server, with redundancy.

See this, or google for how to set time on your DC.

Gomibushi
  • 1,313
  • 1
  • 12
  • 21
0

You need to see what is the offset of the time. If it is a nice round number - i.e. multiples of half-hour or full-hour differences, it could be a combination of two problems: first, your machine is synchronising its time with a remote network server; and second, you have your time-zone information set incorrectly or you have set your hardware time and system time to the same thing.

You can easily block all off-network NTP synchronisations at the router level by changing the firewall settings. For the second and third, you may need to change your BIOS settings and/or your OS settings.

sybreon
  • 7,405
  • 1
  • 21
  • 20