By default, all computers and devices on a domain synchronize system time using the domain hierarchy. Domain members synchronize time with domain controllers, which in turn synchronize time with the domain controller running the PDC emulator role. The PDC emulator of the forest root domain is at the top of the domain hierarchy, and as such configuring this domain controller to synchronize time with the domain hierarchy is invalid. The Windows Time Service warns you of this condition by writing event ID 12 to the Windows event log from the W32Time event source. In some scenarios, the PDC emulator gets its time from the BIOS clock. However, this approach has drawbacks. If the time and date is not set accurately in the PDC emulator BIOS, time and date settings will be incorrect across the domain. In addition, if the PDC emulator goes offline, domain members will be unable to synchronize time. A better approach is to configure the PDC emulator to synchronize time directly with an external time source. Alternatively, you can configure another device within your domain to synchronize time with an external time service, and then configure the PDC emulator to use your internal time server as the authoritative time source. Authoritative external time sources are Internet-facing services, typically maintained by governmental, scientific, or educational establishments that enable you to synchronize your system time using Network Time Protocol (NTP). For example, NIST provides time servers in various locations across the United States.
The error associated with the NTP server settings will be reflected in Active Directory and the following message will be displayed in the Event Log:
Feb 03 13:00:37 0.36 Microsoft-Windows-Time-Service The time service has not synchronized the system time for the last 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients after 0 seconds. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization. You can control the frequency of the time source rediscovery using ClockHoldoverPeriod W32time config setting. Modify the EventLogFlags W32time config setting if you wish to disable this message.To display the status of the time setting:
w32tm /query /status /verbose
175 / 5,000 Translation results Source name: LOCAL - defines the set synchronization using the local time source (RTC circuit on the computer's motherboard). The time can be set by entering the command:
w32tm.exe /config /syncfromflags:manual /manualpeerlist:131.107.13.100,0x8 /reliable:yes /update
Parameter manualpeerlist: 131.107.13.100 specifies the list of IP addresses on which the NTP server is operated. To ensure stability, it is necessary to select several NTP servers at the same time.
Odborník na kybernetickú bezpečnosť, správu Azure Cloud a VMware onprem. Využíva technológie, ako Checkmk a MRTG, na monitorovanie siete a zvyšovanie efektívnosti a bezpečnosti IT infraštruktúry.
