+ Post New Thread
Results 1 to 12 of 12
Windows Thread, Time Server Question in Technical; Hi all, Having a problem with w32tm and kerberos. Our dc's are virtual and keep loosing time, minutes over a ...
  1. #1

    Join Date
    Apr 2006
    Location
    Bamber Bridge
    Posts
    192
    Thank Post
    3
    Thanked 10 Times in 10 Posts
    Rep Power
    18

    Time Server Question

    Hi all,

    Having a problem with w32tm and kerberos. Our dc's are virtual and keep loosing time, minutes over a 24 hour period, the clients don't so this causes all sorts of problems with group policy and everything.

    I've tried to set the time server on the DC to sync to an external NTP source but it doesn't. Can someone point me in the right direction to get this to work? We're on lancsngfl and do they have a ntp server? If so i'd like to sync with them.

    And has anyone had experiences of clocks running slower in VM esxi and if so any solutions to fix it?

    Cheers,

  2. #2

    3s-gtech's Avatar
    Join Date
    Mar 2009
    Location
    Wales
    Posts
    2,487
    Thank Post
    133
    Thanked 490 Times in 438 Posts
    Rep Power
    138
    I run timesync on every server for this, used to find we'd get a time skew between domains in the forest and susequent logon problems. We then use our local authority time server for each instance, plus our CCTV, VPN etc. Clients sync from the DC.

  3. #3


    Join Date
    May 2009
    Posts
    2,488
    Thank Post
    198
    Thanked 629 Times in 481 Posts
    Rep Power
    227
    Quote Originally Posted by Ste_Harve View Post
    Hi all,
    And has anyone had experiences of clocks running slower in VM esxi and if so any solutions to fix it?
    Yes. Make sure the ESXi host is set to sync up from a timeserver. BUT bear in mind that ESX will not regard windows time services as being accurate enough so if you have them set to take time from a windows machine, they will likely just ignore it. Point them at a more authoritative source, say from your provider (if they run ntp services) or the uk.pool.ntp.org.

  4. #4

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    54
    Why doesn't your DC sync to an external time server? Have you got a firewall in the way and if so, which one? Can any machine sync to an external source? You need to investigate this first.

  5. #5

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,714
    Thank Post
    269
    Thanked 1,116 Times in 1,012 Posts
    Rep Power
    345
    If you are part of an LEA WAN you may find they have there own time server - I know mine does and you can't contact any other time servers you need to use theres.

  6. #6

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    54
    Quote Originally Posted by glennda View Post
    If you are part of an LEA WAN you may find they have there own time server - I know mine does and you can't contact any other time servers you need to use theres.
    Only if you get all your content through their proxies and they're blocking ntp from anywhere else.

  7. #7

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,714
    Thank Post
    269
    Thanked 1,116 Times in 1,012 Posts
    Rep Power
    345
    Quote Originally Posted by timzim View Post
    Only if you get all your content through their proxies and they're blocking ntp from anywhere else.
    thats what i meant

  8. #8

    Join Date
    Jun 2007
    Location
    London
    Posts
    894
    Thank Post
    64
    Thanked 171 Times in 140 Posts
    Rep Power
    54
    Quote Originally Posted by glennda View Post
    thats what i meant
    Sorry. Sounds typical of an LEA! If you've got your own proxy server chaining up to theirs you could create a bypass list & rule for certain sites (e.g. a list of NTP server sites) so you can get around their stupidity...er, I mean...security. We've done the very same.

  9. #9

    glennda's Avatar
    Join Date
    Jun 2009
    Location
    Sussex
    Posts
    7,714
    Thank Post
    269
    Thanked 1,116 Times in 1,012 Posts
    Rep Power
    345
    Quote Originally Posted by timzim View Post
    Sorry. Sounds typical of an LEA! If you've got your own proxy server chaining up to theirs you could create a bypass list & rule for certain sites (e.g. a list of NTP server sites) so you can get around their stupidity...er, I mean...security. We've done the very same.
    We do forward all our proxy onto them - but there is no way of getting out to the sites as they are all blocked! but their time server is pretty reliable - its normally bang on as it just gets the time from the internet and then we get it from them!

  10. #10
    chazzy2501's Avatar
    Join Date
    Jan 2008
    Location
    South West
    Posts
    1,723
    Thank Post
    206
    Thanked 254 Times in 206 Posts
    Rep Power
    65
    SWGFL or my LEA (I forget) have a time server,(so proxy is no issue) I use it with my virtual DC and it works great. I just phoned them up and asked if they had one.

    EDIT... Ok I reread the posts so maybe one of these? GPS TIME SERVER
    Last edited by chazzy2501; 14th March 2011 at 08:47 AM.

  11. #11

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,095
    Thank Post
    511
    Thanked 2,309 Times in 1,785 Posts
    Blog Entries
    24
    Rep Power
    803
    Quote Originally Posted by timzim View Post
    Sorry. Sounds typical of an LEA! If you've got your own proxy server chaining up to theirs you could create a bypass list & rule for certain sites (e.g. a list of NTP server sites) so you can get around their stupidity...er, I mean...security. We've done the very same.
    Time servers don't run on port 80, so in my experience, unfiltering them won't make any difference. NTP ports would come under their general firewall rules, rather than web filtering.

  12. #12

    Ric_'s Avatar
    Join Date
    Jun 2005
    Location
    London
    Posts
    7,582
    Thank Post
    107
    Thanked 761 Times in 592 Posts
    Rep Power
    179
    LancsNGfL do block NTP but I'm pretty sure that they provide an NTP server... I just cannot remember what it is. Best bet is to ring Westfield and ask them for the details.

SHARE:
+ Post New Thread

Similar Threads

  1. Poll: BNP on Question Time
    By JJonas in forum General Chat
    Replies: 80
    Last Post: 24th October 2009, 01:19 PM
  2. Stupid Question Time
    By timbo343 in forum Windows
    Replies: 4
    Last Post: 15th February 2008, 11:06 AM
  3. Odd question time...
    By dave.81 in forum General Chat
    Replies: 22
    Last Post: 1st September 2007, 01:09 AM
  4. Really Dumb Question Time
    By richard in forum Wireless Networks
    Replies: 15
    Last Post: 4th August 2006, 12:47 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •