Friday, February 11, 2011

Synchronize the Time Server for the Domain Controller with an External Source

Synchronize the Time Server for the Domain Controller with an External Source

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

By default, the primary domain controller (PDC) emulator gets its time from the BIOS clock.

In a network with a single DC, that DC automatically has this role.

The PDC emulator establishes the time and date settings for all computers within its domain.

If the time is not accurately set in the PDC emulator’s BIOS, all computers in the domain have incorrect time and date settings.

To prevent this, you can synchronize the domain controller with an external time source such as the time servers provided by the National Institute of Standards and Technology (NIST). For a list of the names and IP addresses of NIST time servers for your area, see the National Institute of Standards and Technology (NIST) Internet Time Servers link on the Web Resources page at http://www.microsoft.com/windows/reskits/webresources.

Note

  • Be aware that the Network Time Protocol (NTP) is unauthenticated, and unencrypted, and it is possible for an intruder to spoof the time root source, causing the wrong time to be set on the DC. You can avoid this possibility by using IPSec to secure the transmission, by accessing the time root source by its IP address rather than its fully qualified domain name, or by purchasing an NTP-capable hardware clock for your DC time synchronization.

To synchronize the domain controller with an external time source

  1. Click Start, and then click Command Prompt.

  2. In the Command Prompt window, type the following line, where peers is a comma-separated list of IP addresses of the appropriate time sources, and press ENTER:

    w32tm /config /manualpeerlist: peers /syncfromflags:MANUAL

    The time sources you choose depend on your time zone. For example, if your domain controller is located in the Pacific Time zone, this line might read:

    w32tm /config /manualpeerlist:131.107.1.10 /syncfromflags:MANUAL

    In this example, the IP address of the timeserver is used instead of the fully qualified domain name for security purposes.

  3. Press ENTER. You should get a message that the command completed successfully.

  4. Type w32tm /config /update

  5. Press ENTER. You should get a message that the command completed successfully.

    W32time uses a variable poll interval based on the quality of timesync with the server. On DCs, this interval defaults to between 64 and 1024 seconds.

  6. To immediately synchronize with the external time server, type w32tm /resync and press ENTER. You should get a message that the command completed successfully.

  7. Type Exit and press ENTER.

3 comments:

Anonymous said...

http://www.webshare.cc/blog/b/blog_view.php?mid=547194&id=146&show_bbslink=
http://oriflameblog.cz/forum/topic/finding-cheap-and-effective-deals-has-become-as-easy-as-clicking-your-mouse?replies=1#post-38790
http://jiumengshici.hatenablog.com/entry/2013/01/28/145151
http://www.bloglog.com/blog/fashion4/125904/most-modern-printers-are-made-to-work-with-specific-types-of-ink-
http://ludhianacity.net/blog/57192/three-mobile-phone-deals/
http://jiumengshici.hatenablog.com/entry/2013/01/28/145228
http://sns.cam111.com/blogs/entry/emergence-of-new-market-players-and-innovations
http://heraldbulletin.neighborsink.com/node/247694
http://huangshumei.cocolog-nifty.com/blog/2013/01/this-will-resul.html
http://archive.remdublin.com/blog/xmyshang/2013/01/27/jatimberlandsale
http://oriflameblog.cz/forum/topic/so-you-need-to-choose-depending-on-your-personal-choice-needs-and-circumstances?replies=1#post-38789
http://blog.qlep.com/blog.php/216559/718423
http://blog.qlep.com/blog.php/223035/718351
http://d.hatena.ne.jp/huangshumei/20130128/1359362523
http://www.toma.jp/blog/333333/?entry_id=870629

Anonymous said...

My coder is trying to persuade me to move
to .net from PHP. I have always disliked the idea because of the expenses.
But he's tryiong none the less. I've been using WordPress on various websites for about a year and am nervous about switching to another
platform. I have heard excellent things about blogengine.
net. Is there a way I can import all my wordpress content into it?
Any kind of help would be really appreciated!

my web-site askhighcotton.blogspot.com

Anonymous said...

I'll immediately clutch your rss feed as I can not find your e-mail subscription link or e-newsletter service. Do you have any? Please let me know in order that I could subscribe. Thanks.

my webpage ... know-insanity.blogspot.co.uk