Introduction
Configure Domain Controller to synchronize time with external NTP server (dk.pool.ntp.org)
UDP port 123 must be open on firewall to allow NTP traffic in and out from this DC.
From DC command prompt type “telnet portquiz.net 123” to test if the port 123 traffic can go out.
Logon to Domain Controller (with PDC role) with Administrator account and open elevated command prompt.
If you have multiple domain controller and don’t know which DC holds PDC role then use following command:
netdom /query fsmo
Configure external time sources
w32tm /config /reliable:yes /syncfromflags:manual /manualpeerlist:"0.dk.pool.ntp.org 1.dk.pool.ntp.org 2.dk.pool.ntp.org 3.dk.pool.ntp.org"
restart w32 time server, now DC should synchronize time with the ntp time servers.
net stop w32time && net start w32time
- Check the Event Log on the server
w32tm sync commands:
Force synchronizing the time asap
w32tm /resync /nowait
Check NTP configuration
w32tm /query /configuration
Check NTP status
w32tm /query /status
Display time source
w32tm /query /peers
Display time between Domain Controllers
w32tm /monitor
Force domain computers to synchronize the time with the DC; use elevated command prompt
w32tm /config /syncfromflags:domhier /update
net stop w32time && net start w32time
Following commands will reset the time service to default.
net stop w32time w32tm /unregister w32tm /register net start w32time
