Network Time Protocol: Difference between revisions

From WikiWiki
Jump to navigation Jump to search
No edit summary   (change visibility)
No edit summary   (change visibility)
 
(16 intermediate revisions by the same user not shown)
Line 1: Line 1:
*testen:
{| class="wikitable"
w32tm /stripchart /computer:time.cronos.be /samples:5 /dataonly"
|-
*source zetten:
| test|| w32tm /stripchart /computer:ntp.belnet.be /samples:5 /dataonly
W32tm /config /manualpeerlist:time.cronos.be,0x0 /syncfromflags:manual
|-
*check source
| set source || W32tm /config /manualpeerlist:ntp.belnet.be,0x0 /syncfromflags:manual
w32tm /query /source
|-
| set source on PDCe || w32tm /config /manualpeerlist:ntp.belnet.be /syncfromflags:manual /reliable:yes /update
|-
| check source || w32tm /query /source
|-
|  || w32tm /query /peers
|-
|  || w32tm /query /status
|-
|  || w32tm /query /configuration
|-
| That tells the computer to since from the domain hierarchy (DCs) and to update itself.  || w32tm /config /update /syncfromflags:DOMHIER
|-
|  || w32tm.exe /resync /rediscover
|-
| test against all dc's || w32tm /monitor
|-
| restart service || net start/stop w32time
|}


w32tm /query /peers
* be.pool.ntp.org
* ntp.belnet.be


w32tm /query /status
{| class="wikitable"
|-
| After much prodding, swearing and Googling, it became apparent that with 2003 if a DC has ever held the PDC Emulator role then it will still think it is the authoritative time source for the domain when that role is moved off it. This meant that we had 3 DCs all thinking that they were the One True Time Source and all being out of sync with each other by 2 or 3 minutes.
This issue can be resolved by running the following command on the former PDC Emulator(s): '''w32tm /config /syncfromflags:domhier /reliable:no /update''' which will tell the DC that it is no longer a reliable time source and so it should check for updates from a source that is (i.e. the PDC). You can speed things up a bit by issuing a '''w32tm /resync''' command to force the Windows Time service to update.
|}
https://www.angryadmin.co.uk/?p=349


=on PDC=
'''w32tm /config /manualpeerlist:<peers> /syncfromflags:manual /reliable:yes /update'''


be.pool.ntp.org
[http://technet.microsoft.com/en-us/library/cc794937%28v=ws.10%29.aspx Technet - Configure the Time Source for the Forest]
 
[http://blogs.technet.com/b/nepapfe/archive/2013/03/01/it-s-simple-time-configuration-in-active-directory.aspx Blog - “It’s Simple!” – Time Configuration in Active Directory]
 
 
 
{| class="wikitable"
|-
! value !! description
|-
| 0x01 || SpecialInterval
|-
| 0x02 || UseAsFallbackOnly
|-
| 0x04 || SymmatricActive
|-
| 0x08 || Client
|}
  By making the primary NTP server flag 0x9, we made it “Client 0x08 + SpecialInterval 0x01”  and as for the second NTP time server.
  By making the secondary NTP peer flag 0xa, we made it “0x08 Client + 0x02 UseAsFallbackOnly”.
  (https://blogs.technet.microsoft.com/askds/2007/11/01/configuring-your-pdce-with-alternate-time-sources/)

Latest revision as of 10:38, 29 July 2016

test w32tm /stripchart /computer:ntp.belnet.be /samples:5 /dataonly
set source W32tm /config /manualpeerlist:ntp.belnet.be,0x0 /syncfromflags:manual
set source on PDCe w32tm /config /manualpeerlist:ntp.belnet.be /syncfromflags:manual /reliable:yes /update
check source w32tm /query /source
w32tm /query /peers
w32tm /query /status
w32tm /query /configuration
That tells the computer to since from the domain hierarchy (DCs) and to update itself. w32tm /config /update /syncfromflags:DOMHIER
w32tm.exe /resync /rediscover
test against all dc's w32tm /monitor
restart service net start/stop w32time
  • be.pool.ntp.org
  • ntp.belnet.be
After much prodding, swearing and Googling, it became apparent that with 2003 if a DC has ever held the PDC Emulator role then it will still think it is the authoritative time source for the domain when that role is moved off it. This meant that we had 3 DCs all thinking that they were the One True Time Source and all being out of sync with each other by 2 or 3 minutes.

This issue can be resolved by running the following command on the former PDC Emulator(s): w32tm /config /syncfromflags:domhier /reliable:no /update which will tell the DC that it is no longer a reliable time source and so it should check for updates from a source that is (i.e. the PDC). You can speed things up a bit by issuing a w32tm /resync command to force the Windows Time service to update.

https://www.angryadmin.co.uk/?p=349

on PDC

w32tm /config /manualpeerlist:<peers> /syncfromflags:manual /reliable:yes /update

Technet - Configure the Time Source for the Forest

Blog - “It’s Simple!” – Time Configuration in Active Directory


value description
0x01 SpecialInterval
0x02 UseAsFallbackOnly
0x04 SymmatricActive
0x08 Client
 By making the primary NTP server flag 0x9, we made it “Client 0x08 + SpecialInterval 0x01”  and as for the second NTP time server.
 By making the secondary NTP peer flag 0xa, we made it “0x08 Client + 0x02 UseAsFallbackOnly”. 
 (https://blogs.technet.microsoft.com/askds/2007/11/01/configuring-your-pdce-with-alternate-time-sources/)