Below are the easiest steps to fix time synchronization (NTP) issue on windows servers. In a domain, all domain controllers must synchronize from the PDC Emulator of that domain using NT5DS and the PDC Emulator of the root domain in a forest must synchronize with an external time server using NTP.

 Step 1: Login to any of the DC and check for PDC Emulator role by typing below command-

 # netdom query fsmo

 Connect to PDC domain controller and run the below command to check the time source-

 # w32tm /query /source

You may get the result as below-

- Free-running system clock

- Local CMOS Clock

Step 2: Above result shows that your PDC domain controller doesn't have NTP configured on it. So, need to run following commands with elevated privilege on PDC domain controller-

# w32tm /config /manualpeerlist:"0.pool.ntp.org,0x1 1.pool.ntp.org,0x1 2.pool.ntp.org,0x1 3.pool.ntp.org,0x1" /syncfromflags:manual /reliable:YES /update

# w32tm.exe /config /update

# Restart-Service w32time

# net stop w32time && net start w32time

# w32tm /resync /nowait

Need to run the command #w32tm /query /source and see if the result shows any of the above pool.ntp.org result. If it shows, then NTP has been configured successfully.

Step 3: Need to run below command on member domain controllers (which doesn't have PDC role).

# w32tm /config /syncfromflags:domhier /update

# net stop w32time && net start w32time

# w32tm /resync /nowait

Step 4: Need to run command (w32tm /query /source) and see if result shows the name of PDC domain controller. If not, then you need to do the following-

Need to check if reverse lookup zone is created on DNS, if not then need to create reverse lookup zone for it.

If reverse lookup zone is already created, then need to run below commands-

# Net Stop W32time.

# W32tm.exe /unregister

# W32tm.exe /register

# Net Start W32time

# w32tm.exe /resync /rediscover /nowait

Hope you are good now!

 

For any further query, please reach out to us at NOCAGILE