+ Post New Thread
Results 1 to 12 of 12
Windows Thread, Time Server Question in Technical; Hi all, Having a problem with w32tm and kerberos. Our dc's are virtual and keep loosing time, minutes over a ...
  1. #1

    Join Date
    Apr 2006
    Location
    Bamber Bridge
    Posts
    192
    Thank Post
    3
    Thanked 10 Times in 10 Posts
    Rep Power
    19

    Time Server Question

    Hi all,

    Having a problem with w32tm and kerberos. Our dc's are virtual and keep loosing time, minutes over a 24 hour period, the clients don't so this causes all sorts of problems with group policy and everything.

    I've tried to set the time server on the DC to sync to an external NTP source but it doesn't. Can someone point me in the right direction to get this to work? We're on lancsngfl and do they have a ntp server? If so i'd like to sync with them.

    And has anyone had experiences of clocks running slower in VM esxi and if so any solutions to fix it?

    Cheers,

  2. #2

    3s-gtech's Avatar
    Join Date
    Mar 2009
    Location
    Wales
    Posts
    2,915
    Thank Post
    155
    Thanked 600 Times in 539 Posts
    Rep Power
    159
    I run timesync on every server for this, used to find we'd get a time skew between domains in the forest and susequent logon problems. We then use our local authority time server for each instance, plus our CCTV, VPN etc. Clients sync from the DC.

  3. #3


    Join Date
    May 2009
    Posts
    3,278
    Thank Post
    290
    Thanked 883 Times in 661 Posts
    Rep Power
    339
    Quote Originally Posted by Ste_Harve View Post
    Hi all,
    And has anyone had experiences of clocks running slower in VM esxi and if so any solutions to fix it?
    Yes. Make sure the ESXi host is set to sync up from a timeserver. BUT bear in mind that ESX will not regard windows time services as being accurate enough so if you have them set to take time from a windows machine, they will likely just ignore it. Point them at a more authoritative source, say from your provider (if they run ntp services) or the uk.pool.ntp.org.

  4. #4

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    55
    Why doesn't your DC sync to an external time server? Have you got a firewall in the way and if so, which one? Can any machine sync to an external source? You need to investigate this first.

  5. #5

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    350
    If you are part of an LEA WAN you may find they have there own time server - I know mine does and you can't contact any other time servers you need to use theres.

  6. #6

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    55
    Quote Originally Posted by glennda View Post
    If you are part of an LEA WAN you may find they have there own time server - I know mine does and you can't contact any other time servers you need to use theres.
    Only if you get all your content through their proxies and they're blocking ntp from anywhere else.

  7. #7

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    350
    Quote Originally Posted by timzim View Post
    Only if you get all your content through their proxies and they're blocking ntp from anywhere else.
    thats what i meant

  8. #8

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    55
    Quote Originally Posted by glennda View Post
    thats what i meant
    Sorry. Sounds typical of an LEA! If you've got your own proxy server chaining up to theirs you could create a bypass list & rule for certain sites (e.g. a list of NTP server sites) so you can get around their stupidity...er, I mean...security. We've done the very same.

  9. #9

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,821
    Thank Post
    272
    Thanked 1,140 Times in 1,036 Posts
    Rep Power
    350
    Quote Originally Posted by timzim View Post
    Sorry. Sounds typical of an LEA! If you've got your own proxy server chaining up to theirs you could create a bypass list & rule for certain sites (e.g. a list of NTP server sites) so you can get around their stupidity...er, I mean...security. We've done the very same.
    We do forward all our proxy onto them - but there is no way of getting out to the sites as they are all blocked! but their time server is pretty reliable - its normally bang on as it just gets the time from the internet and then we get it from them!

  10. #10

    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,822
    Thank Post
    217
    Thanked 268 Times in 217 Posts
    Rep Power
    68
    SWGFL or my LEA (I forget) have a time server,(so proxy is no issue) I use it with my virtual DC and it works great. I just phoned them up and asked if they had one.

    EDIT... Ok I reread the posts so maybe one of these? GPS TIME SERVER
    Last edited by chazzy2501; 14th March 2011 at 08:47 AM.

  11. #11

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    18,142
    Thank Post
    522
    Thanked 2,550 Times in 1,979 Posts
    Blog Entries
    24
    Rep Power
    877
    Quote Originally Posted by timzim View Post
    Sorry. Sounds typical of an LEA! If you've got your own proxy server chaining up to theirs you could create a bypass list & rule for certain sites (e.g. a list of NTP server sites) so you can get around their stupidity...er, I mean...security. We've done the very same.
    Time servers don't run on port 80, so in my experience, unfiltering them won't make any difference. NTP ports would come under their general firewall rules, rather than web filtering.

  12. #12

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,592
    Thank Post
    109
    Thanked 770 Times in 598 Posts
    Rep Power
    183
    LancsNGfL do block NTP but I'm pretty sure that they provide an NTP server... I just cannot remember what it is. Best bet is to ring Westfield and ask them for the details.

SHARE:
+ Post New Thread

Similar Threads

  1. Poll: BNP on Question Time
    By JJonas in forum General Chat
    Replies: 80
    Last Post: 24th October 2009, 01:19 PM
  2. Stupid Question Time
    By timbo343 in forum Windows
    Replies: 4
    Last Post: 15th February 2008, 11:06 AM
  3. Odd question time...
    By dave.81 in forum General Chat
    Replies: 22
    Last Post: 1st September 2007, 01:09 AM
  4. Really Dumb Question Time
    By richard in forum Wireless Networks
    Replies: 15
    Last Post: 4th August 2006, 12:47 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •