Configuring Domain Controller and Standalone Server To NTP Server

This month I was working some domain controller to point to NTP Time Server. It was need to be more careful and need handy on the registry as well. However, with this KB article http://support.microsoft.com/kb/816042 helps a lot. Thank to Microsoft.

What Was doing is that to point the PDC Emulator to NTP Time Server. In some large environment, by identifying the Server that hold PDC Emulator of domain controller is vital.

To point the domain controller to NTP Time Server is either to edit the Registry or using Command.

By Using Command is simple,

w32tm /config /syncfromflags:manual /manualpeerlist:192.168.1.10

However, I prefer to edit Registry. Before I modify the registry, I backup the servers and export the registry. This is to restore back if something failure.

1. Run Regedit

2. Expand the tree and find the registry key

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Parameters\Type

Change from NT5DS to NTP

3. change the Announce Flags at the registry key

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Config\AnnounceFlags

Edit the DWORD Value to 5. notice that the default value is “a”

4. Enable the NTP Server at the registry key

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\TimeProvides\NTPServer\Enabled

Change the value from 0 to 1

5. Change the NTPServer IP at the registry key

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Parameters\NtpServer

Change from time.windows.com,0x1 to the IP address of NTP time Server. For example,  192.168.1.1,0×1

6. Stop and Start the Service

Net Stop W32time

Net Start W32time

Here is the result below:

 


For synchronizing the time on the domain members and other domain controller / child domain controller, you need to wait 15-30 minutes to update or you can manually sync using command below:

w32tm /resync

For Standalone Workgroup Server, There are 2 option: 1. Point Directly to NTP Time Server or 2.Point and Synchronize to the PDC domain controller. So,  I just need to point not directly to NTP Time Server because in my environment, it has the domain controller.

how and I going to do it?

1. Edit and Modify the Registry at

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Parameters\NtpServer

Change from time.windows.com,0x1 to the IP address of NTP time Server. For example,  my domain contrller is 192.168.1.10, so therefore I just put as 192.168.1.10,0×9

Here is the result I get,

I wasn’t expected this output above. The source should be 192.168.1.10,0×9

I got so many tested this thing where I also tried to change from “0x9” to “0x8” and suddenly it works. and when I reverted back to 0x9, it did not work.

The funny thing also I put FQDN of the domain controller (192.168.1.10 dcexc.netoverme.info) in to the host file (c:\windows\system32\drivers\etc\hosts) and it works.

then I remove the FQDN dcexc.netoverme.info from the Hosts File and it did not work. well, that’s funny. I suspect is that connectivity problem and having delay updating and synchronise to the domain controller, after I kept repeating running the

“w32tm /query /status ” and then it works..

the output should be like below:

Also check the Event viewer (Event ID 37) where it validates the time synchronization.

My conclusion, It’s good to have more troubleshoot and more experience on this thing.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s