LinkBack URL
About LinkBacksThe system clocks on our server and PCs are wrong (a few minutes fast) - is there anything I need to be aware of/cautious about before I go changing these?
The system clocks on our server and PCs are wrong (a few minutes fast) - is there anything I need to be aware of/cautious about before I go changing these?
Not more than five min change at one time if you still have some XP clients. Vista and 7 do their changes more smoothly.
as long as you arnt changing them by massive ammounts and any domain you have trusts to has its clocks at a close enough time shouldnt be an issue
Just be aware that Kerberos authentication / services will fail if the time difference between the server and the PCs is greater than a defined tolerance (default 5 minutes). Once all the clocks have been synced, then it should all work again.
Iain.
Hi
Time sync your pcs with the server and then move the time on the server by less than 5 mins every couple of days till you get the time correct.
It took me 2 months to get the time right here,
Richard
Well use this script on your dcs:
net stop w32time
w32tm /config /manualpeerlist:"0.uk.pool.ntp.org 1.uk.pool.ntp.org 2.uk.pool.ntp.org 3.uk.pool.ntp.org" /syncfromflags:manual /reliable:yes /update
w32tm /config /reliable:yes
net start w32time
Also in dc group policy set servers to ntp
in other pc/ servers group policy put ntsds
you may find the lea has a time server and access to others is blockedOriginally Posted by irsprint84
ah the joys of LEA
just change o.uk.pool.ntp.org to whatever the LEA IP is
Ian
Hi
A lot of the time you can only use the lea time server as they stop you accessing the web ones.
As far as I remember you can set the ntp setting in gpo and you can set a ntp server in dhcp. I have had a problems setting a time server in gpo for xp and had to put
NET TIME \\timeserver /SET /YES
in a startup script.
Richard
microsoft now tells people to avoid ntp time in dhcp and I would advise against doing in script, best to do all with GPO
They are only a few minutes out just now, so it sounds like I'll be okay...
I would just fix it, I made that mistake and cost me dear!
With Windows Server 2008 R2, when promoted to a domain controller, this becomes your domain's own time server. There's a good discussion about it here
I then run the following code once:
When you join Windows 7 clients to a 2008 R2 domain, they'll automatically 'check in' to your 2008 R2 DC. You can verify this by running:Code:@echo off net stop w32time w32tm /config /syncfromflags:manual /manualpeerlist:ntp.bgfl.org w32tm /config /reliable:yes net start w32time w32tm /query /peers PAUSE
from a command prompt on a Windows 7 client. It should report back something like:Code:w32tm /query /peers
You don't need to run any scripts or set any GPOs for the clients. It just works automatically.Peer: SERVERNAME.domain.domain
State: Active
Time Remaining: 860.6081351s
Mode: 3 (Client)
Stratum: 4 (secondary reference - syncd by (S)NTP)
PeerPoll Interval: 12 (4096s)
HostPoll Interval: 12 (4096s)
with GPO mine check in automatically every minute or as you can set in gpo
Every minute? What's the point setting it so frequently? Once every few days would easily be enough.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote