How to configure a domain controller to synch with an external time source

No comments exist

I have found that many customers do not have external network time protocol (NTP) configured properly or at all.  Many times this manifests itself on the domain controller as Event ID 36 and states The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp.  To resolve this issue and configure NTP on a domain controller is relatively easy.

 

Sign into Windows as a user with rights to perform the NTP update.  Domain Admin rights will do just fine.

CMD Admin
Command Prompt with Administrative rights

 

I am using Windows 2012 (For Windows 2008 and Higher) open a command prompt in administrative mode.   For Windows 2012, Right click on start and select command prompt (Admin) menu

 

Now, what NTP servers should we use?  I like to use ones hosted by pool.ntp.org.  There are many others, use ones that are close to your network or that ping well to your network.  NIST has a few search for NIST NTP Servers in Google.  For international clients there are many international pool.ntp.org has international NTP servers as well.

 

From the Microsoft Tech Article on how to setup a domain controller with an external time source I pulled the following command:  w32tm /config /manualpeerlist: peers /syncfromflags:MANUAL

 

So the command that I used for this was: w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org

 

Then w32tm /config /update to pull the time

 

Then w32tm /resync to verify that it worked.

 

NTPPhoto
Command Prompt showing NTP Server configuration and test
 

Leave a Reply