Strange Windows 2008 Domain NTP Query

Soldato
Joined
17 Oct 2002
Posts
3,941
Location
West Midlands
Greetings, i have 3 sites spread across three countries

UK, Germany and USA

Each site has two servers running Windows 2008 Server, all servers hold a copy of the global catalogue

There is a single domain/DNS namespace "domain.local"

UK Site

Server01 - Holds all FSMO Roles
Server02

Germany Site

Server03
Server04

USA Site

Server05
Server06

Sites and services has been configured with each sites associated subnet and there are active directory links between all servers, replication works fine and client machines can logon without issue.


However i have an NTP problem, SERVER01 referances an external time source being a UK Stratum2 server in Manchester. It also holds the PDC emulator role.

If i run the command i receive the appropriate response.

Code:
net time /querysntp
The current SNTP value is: ntp2d.mcc.ac.uk

The command completed successfully.

If i run the command i receive the appropriate response.

Code:
net time /domain
Current time at \\SERVER01.domain.local is 17/06/2010 00:34:20

The command completed successfully.

However if i simply run the command NET TIME i get the following.

Code:
net time
Current time at \\SERVER03 is 17/06/2010 00:35:32

Local time (GMT-10:00) at \\SERVER03 is 16/06/2010 13:35:32

The command completed successfully.

This is the same for every one of the six servers in the organisation, for some reason they try to query SERVER03 which is located in the states, Can anyone explain this behavior?
 
Soldato
Joined
6 Sep 2008
Posts
3,974
Location
By the sea, West Sussex
NET TIME queries any domain controller for the time that has the TIMESERV flag set.
NET TIME /DOMAIN:xxx will query the PDC for that domain for the time
NET TIME /querysnmp show which NTP server is setup, rather than the w32time server.

With you running AD the roles of DC's and member servers gets a little blurred so you may get a few 'issues'

Set the PDC Emulator to query from the Stratum 2 NTP, then set all other machine to query directly from the PDC Emulator via w32time.
Either that or get each machine to use NTP directly from a Stratum source if they are able to.
 
Last edited:
Soldato
OP
Joined
17 Oct 2002
Posts
3,941
Location
West Midlands
NET TIME queries any domain controller for the time that has the TIMESERV flag set.
NET TIME /DOMAIN:xxx will query the PDC for that domain for the time
NET TIME /querysnmp show which NTP server is setup, rather than the w32time server.

With you running AD the roles of DC's and member servers gets a little blurred so you may get a few 'issues'

Set the PDC Emulator to query from the Stratum 2 NTP, then set all other machine to query directly from the PDC Emulator via w32time.
Either that or get each machine to use NTP directly from a Stratum source if they are able to.

Excellent reply, thank you :)
 
Soldato
Joined
18 Oct 2002
Posts
4,521
"net time /set" on any server you think isn't going to the correct time source should point a server to the the PDC emulator. So long as that is correctly pointing to an external time source, you shouldn't have any issues with servers on your internal network.
 
Back
Top Bottom