Setting A Reliable Time Server For Your PDC Emulator

Did you enjoy this article?
YesNo
Sharing Options:
Estimated Reading Time: 3 Minutes
Rate this post

This post was originally published on February 13, 2017
The latest update to this post was made 1 year ago.

Setting A Reliable Time Server For Your PDC EmulatorSetting A Reliable Time Server For Your PDC Emulator

In this article we’ll cover setting up a reliable time server for your PDC emulator.  This is an essential step to ensure your domain controllers/workstations all have the correct date/time.

ISSUE
You need to set an authoritative time server on your PDC emulator and make it remain a reliable time source for your domain.

Also includes EVENT ID 12, Time-Service
Details: Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.

APPLIES TO
Windows Server 2008/2008r2/2012/2012r2/2016/2019.  The authoritative time is configured only on the PDC emulator for your domain.  The other domain controllers will pickup the time changes at next sync.  You can optionally run the w32tm /resync command on the additional domain controllers to make them pickup changes immediately.

This article, also on Blog Encounters, may be of interest:  Windows 10 Computers Showing As Windows Vista On Server 2012R2 WSUS

RESOLUTION
Follow these steps to set a new time server source and make your PDC emulator a reliable time source for your domain.

  1. Find out who your PDC emulator is. Run the following command on a domain controller in an admin command prompt:
    • netdom /query fsmo
  2. Login to the PDC emulator that you discovered from step 1.
  3. Open an administrator command prompt (run as administrator), and run the following commands (shown in BOLD):

w32tm /config /syncfromflags:manual /manualpeerlist:”<time server #1>, <time server #2>”
You can specify NTP and SNTP servers, you must enter at least one address of a trusted time server.

You can use FQDN and/or IP Address.  We recommend:  time.nist.gov and utcnist.colorado.eduIf you decide to use these time servers, you can simply copy the following line and paste in to your command prompt:
w32tm /config /syncfromflags:manual /manualpeerlist:time.nist.gov,utcnist.colorado.edu

See available public NIST time servers here -> http://tf.nist.gov/tf-cgi/servers.cgi

w32tm /config /reliable:yes
This command makes the PDC a reliable time source for your domain, this is a requirement!

net stop w32time
Stops the time service

net start w32time
Starts the time service

If the time is now correct on your PDC, you are done!  Check your event log on the PDC emulator, look under ‘Windows Logs’ -> ‘System’.  You should see the time service synchronized and received valid data from your selected server(s) above.

If not, run these additional steps (from your administrator command prompt, still)

w32tm /query /configuration
Queries your current configuration (review it)

w32tm /resync
Forces a resync of settings.

w32tm /config /reliable:yes
Forces the new configuration to be a reliable time server for your domain.

This article, also on Blog Encounters, may be of interest:  Restart Windows 8.1 Or Windows 10 From Remote Desktop RDC

Tags: #windows #time #nist #windowsserver #techsupport
Article updated with new information: March 2022

Loading

Sharing Options:
Did you enjoy this article?
YesNo

Be the first to comment

Leave A Reply