'time' on the network?

By game_over
in Microsoft (Windows)

 Share

Recommended Posts

Grand Master

game_over

Posted
Posted

the time on every computer on my network is around 5 minutes ahead of real time. everytime i change the time manually it gets restored to the 5 minutes ahead time after a re-logon, i'm guessing the time is set centrally on the server however i cant find it, any ideas?

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

And where do you have your server syncing time too? Yes by default all member machines of domain would sync with the DC.. normally the one running the PDC emulator.

http://technet2.microsoft.com/WindowsServe...3.mspx?mfr=true

Configuring a time source for the forest

http://support.microsoft.com/kb/816042

How to configure an authoritative time server in Windows Server 2003

http://technet2.microsoft.com/WindowsServe...3.mspx?mfr=true

Windows Time Service Technical Reference

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

heheeh - dude if he found the articles I posted too confusing.. I don't see how that one is going to make it any clearer ;)

All workstations that are memebers of a domain, sync with the DC for their time - this is by default.. You need to make sure that the DCs time is valid.. What time source are you syncing with? Just its local clock?? Thats your problem then.

Configure your DC.. if you have more than one - the one running the PDC emulator is the one you need to fix to sync its time with a valid outside source.. Say time.microsoft.com or time.nist.gov etc..

NTP uses port 123 UDP to sync time, so you will need to make sure your firewall allows this traffic to and from the outside world to your DC.

If the DC can not sync time - than just manually adjust its time, your client machines will then sync to whatever time your server says it is.

Link to comment
Share on other sites
Grand Master

MazX_Napalm

Posted
Posted

Yes what is so confusing? It tells you exactly which parts of the registry to edit. Anyone who can't follow the most basic steps in editing the registry should not have any admin rights on the server.

Link to comment
Share on other sites

Guest jgrodri

Posted
Posted

Don't take it the wrong way but, who are you to decide whether he should have admin rights on his own network?

it might not be advisable but the guy comes here asking for help and you tell him he shouldn't be an admin...

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Well I have to kind of agree with MazX. If the "Windows Time Service Technical Reference" was "quite confusing" maybe computers are not their forte..

Let just hope this is his home private network, and not something he is actually getting paid to admin.. I'm sorry - but come on, someone that states "i believe it can be done from dos" hmmmm -- does that sound like someone you want to admin your network? ;)

I mean no offense by that, atleast he is looking for help.. But to be honest the documents linked too where not very complicated, the Tech Reference for example goes into

--

• What Is Windows Time Service?

• How Windows Time Service Works

• Windows Time Service Tools and Settings

The Microsoft Windows Server 2003 Windows Time service, also known as W32Time, synchronizes the date and time for all computers running on a Windows Server 2003 network. Time synchronization is critical for the proper operation of many Windows services and line-of-business applications. The Windows Time service uses the Network Time Protocol (NTP) to synchronize computer clocks on the network so that an accurate clock value, or time stamp, can be assigned to network validation and resource access requests. The service integrates NTP and time providers, making it a reliable and scalable time service for enterprise administrators.

This section will explain how the Windows Time service performs tasks such as time synchronization across an enterprise and how it determines what computers provide reliable time. At a higher level, it will also explain the services that the Windows Time service provides to other applications and services.

--

This is a basic document that gives a good overview of the what and how, etc.. It does not go into low level details of the NTP protocol, etc.. Its not like I linked to the RFCs or something - even though those are great references..

http://www.faqs.org/rfcs/rfc1305.html

Network Time Protocol (Version 3) Specification, Implementation and Analysis

http://www.faqs.org/rfcs/rfc2030.html

Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI

It goes over basic info that anyone that is wanting to admin Active Directory should really understand.. atleast IMHO, and from his statement I would assume MazXs opinion as well.. I am sure he meant no offense by it, etc.. and neither do I.

But the time on each machine in an AD can be a major factor.. if they are off by too much your going to have all kinds of issues.. Understanding the "basics" how time is kept in sync across your domain is a pretty basic concept that any admin should understand.

Link to comment
Share on other sites
Grand Master

MazX_Napalm

Posted
Posted

Just how confusing is this?

1. Click Start, click Run, type regedit, and then click OK.

2. Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags

3. In the right pane, right-click AnnounceFlags, and then click Modify.

4. In Edit DWORD Value, type A in the Value data box, and then click OK.

5. Quit Registry Editor.

6. At the command prompt, type the following command to restart the Windows Time service, and then press ENTER:

net stop w32time && net start w32time

And there is a second section that is a bit longer

If you can't follow instructions like that, then you shouldn't be allowed to admin any computer. I'm not being offensive, but that is the truth.

Link to comment
Share on other sites
Grand Master

game_over

Posted
  • Author
Posted

Just how confusing is this?

If you can't follow instructions like that, then you shouldn't be allowed to admin any computer. I'm not being offensive, but that is the truth.

what you quoted there was not difficult, but it was the document itself i was having trouble with. I'm sorry i asked for further assistance i thought that's what this website was for. :rolleyes: and i doubt a problem as small as this determines my ability as a network administrator.

Link to comment
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Which document were you having trouble with then? Which concept did you not get about syncing time with your DC? Or that the DC needs to have the correct time, and that it needs a valid time source? Or whatever other time source your machines might be using needs to be correct?

You really need to ensure that your time across your domain is going to be correct going forward, setting the time from a command line now and then when you notice its off is not what you should be looking to do!

Be happy to help - but what did you find "quite confusing"?

Link to comment
Share on other sites
Grand Master

Chode

Posted
Posted

NTP uses port 123 UDP to sync time, so you will need to make sure your firewall allows this traffic to and from the outside world to your DC.

I hadn't given too much thought to it, but I'd noticed that my client time (commonly out due to ghosting) was not syncing with the client. I thought nothing of it, but it does seem likely now that Windows Firewall was blocking the time synchronisation.

Thanks for saving me a quick google :)

Time syncing can be done from DOS, and I've seen some configurations that use the following in a Batch File Logon Script to do just this:

NET TIME \\SERVER /SET /YES

(where SERVER is the Server or workstation that you wan't to read the time from).

Though if memory serves me, this can only be done by a user with local administrative rights. Not sure if it works in a logon-script for non-administrative users.

Link to comment
Share on other sites
Veteran

bobbba

Posted
Posted

I hadn't given too much thought to it, but I'd noticed that my client time (commonly out due to ghosting) was not syncing with the client. I thought nothing of it, but it does seem likely now that Windows Firewall was blocking the time synchronisation.

Thanks for saving me a quick google :)

Time syncing can be done from DOS, and I've seen some configurations that use the following in a Batch File Logon Script to do just this:

NET TIME \\SERVER /SET /YES

(where SERVER is the Server or workstation that you wan't to read the time from).

Though if memory serves me, this can only be done by a user with local administrative rights. Not sure if it works in a logon-script for non-administrative users.

you should not have to do this on dmoain members, they are meant to synchronise with the pdc emualtor automatically

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.