Windows server 2008 / 2008 R2 AD sync with external NTP server

As AD servers provide time to machines in a domain it is important to have AD servers synchronized with an realyable time source. If you know the project http://pool.ntp.org you can find NTP servers that are part of this “cluster” and are near to you. As I live in Slovenia we have a pool called si.pool.ntp.org in which you can find Slovenian NTP servers that are accurate enough to provide exact time (for those more familiar with NTP protocol in pool there you can find also most accurate stratum1 and stratum2 time servers…).

On AD server that is running Windows server 2008 / 2008 R2 you should run command prompt with administrative rights (right click / run as administrator).

First check difference between your server and external time source (in my example si.pool.ntp.org)

Command: w32tm /stripchart /computer:si.pool.ntp.org /samples:5 /dataonly

C:\>w32tm /stripchart /computer:si.pool.ntp.org /samples:5 /dataonly
Tracking si.pool.ntp.org [].
Collecting 5 samples.
The current time is 24.6.2011 13:29:08.
13:29:08, +08.8351541s
13:29:10, +08.7976694s
13:29:12, +08.8065559s
13:29:14, +08.7534768s
13:29:16, +08.7956427s

Confiure your server to use external NTP time source for sync:

Command: w32tm /config /manualpeerlist:si.pool.ntp.org,0×8, /syncfromflags:manual /update

C:\>w32tm /config /manualpeerlist:si.pool.ntp.org,0×8, /syncfromflags:manual /update
The command completed successfully.

Force sync immediately:
Command: w32tm /resync

C:\>w32tm /resync
Sending resync command to local computer
The command completed successfully.

I will now retry the first command to see the results:

C:\>w32tm /stripchart /computer:si.pool.ntp.org /samples:5 /dataonly
Tracking si.pool.ntp.org [].
Collecting 5 samples.
The current time is 24.6.2011 13:19:20.
13:19:20, +00.0485657s
13:19:22, +00.0415741s
13:19:24, +00.0380984s
13:19:26, +00.0342493s
13:19:28, +00.0310221s

Source: http://luka.manojlovic.net/2011/06/24/windows-server-2008-2008-r2-ad-sync-with-external-ntp-server/


Synchronize time with external NTP server on Windows Server 2008 (R2).

16 November 2009 by Marek.Z

Time synchronization is an important aspect for all computers on the network. By default, the clients computers get their time from a Domain Controller and the Domain Controller gets his time from the domain’s PDC Operation Master. Therefore the PDC must synchronize his time from an external source. I usually use the servers listed at the NTP Pool Project website. Before you begin, don’t forget to open the default UDP 123 port (in- and outbound) on your firewall.

  1. First, locate your PDC Server. Open the command prompt and type: C:\>netdom /query fsmo
  2. Log in to your PDC Server and open the command prompt.
  3. Stop the W32Time service: C:\>net stop w32time
  4. Configure the external time sources, type: C:\> w32tm /config /syncfromflags:manual /manualpeerlist:”0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.org”
  5. Make your PDC a reliable time source for the clients. Type: C:\>w32tm /config /reliable:yes
  6. Start the w32time service: C:\>net start w32time
  7. The windows time service should begin synchronizing the time. You can check the external NTP servers in the time configuration by typing: C:\>w32tm /query /configuration
  8. Check the Event Viewer for any errors.

Tested on Windows Server 2008 R2 (Build 7600).


