Proper NTP server usage?
-
In an AD environment, all AD joined computers automatically get their time from the closest DC. Each DC gets its time from the PDCe if you have more than one DC in your environment.
You don't need to do a thing there.
That said, I have seen issues using the default time.windows.com or whatever it is by default. So on the PDCE, I am using ntp.org I think. Been a while since I set it up, but think that's the one.
It's actually very simple, don't let anyone complicate it. You don't need to install the NTP role or whatever, or change or add anything else.
-
@obsolesce said in Proper NTP server usage?:
In an AD environment, all AD joined computers automatically get their time from the closest DC. Each DC gets its time from the PDCe if you have more than one DC in your environment.
You don't need to do a thing there.
That said, I have seen issues using the default time.windows.com or whatever it is by default. So on the PDCE, I am using ntp.org I think. Been a while since I set it up, but think that's the one.
It's actually very simple, don't let anyone complicate it. You don't need to install the NTP role or whatever, or change or add anything else.
2016 changes that. No NTP servers setup by default on the primary FSMO role holder that all computers get their time from. Microsoft's recommendation is to use a USB GPS for the primary time provider. You have to use w32tm if you want to sync with an NTP source now. I've had good results using pool.ntp.org servers.
-
-
@obsolesce said in Proper NTP server usage?:
@travisdh1 said in Proper NTP server usage?:
2016 changes that.
Changes what?
Did you misread?
I did not. I got to deal with a client's domain that was implementing only after 2016 became standard. The primary role holder had no time server configured by default. Their entire network was having the clocks sync to a server without ANY time provider.
-
@travisdh1 said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
@travisdh1 said in Proper NTP server usage?:
2016 changes that.
Changes what?
Did you misread?
I did not. I got to deal with a client's domain that was implementing only after 2016 became standard. The primary role holder had no time server configured by default. Their entire network was having the clocks sync to a server without ANY time provider.
So where was the PDCE getting the time from?
-
@obsolesce said in Proper NTP server usage?:
@travisdh1 said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
@travisdh1 said in Proper NTP server usage?:
2016 changes that.
Changes what?
Did you misread?
I did not. I got to deal with a client's domain that was implementing only after 2016 became standard. The primary role holder had no time server configured by default. Their entire network was having the clocks sync to a server without ANY time provider.
So where was the PDCE getting the time from?
Hardware by default.
-
I just stood up a 2016 DC. I did nothing at all to it, and by default it uses the PDCE as the
w32tm /query /source.I haven't had a need to stand up a 2016 PDCE, just regular DCs.
I'm going to stand one up in a lab to see what the source is by default.
I could have sworn it was time.windows.com and not CMOS. That was 2012 R2 though, I'm curious now.
-
@obsolesce said in Proper NTP server usage?:
I just stood up a 2016 DC. I did nothing at all to it, and by default it uses the PDCE as the
w32tm /query /source.I haven't had a need to stand up a 2016 PDCE, just regular DCs.
I'm going to stand one up in a lab to see what the source is by default.
I could have sworn it was time.windows.com and not CMOS. That was 2012 R2 though, I'm curious now.
It has always been CMOS first, that's why all the systems that lose their time over time are due to that. Also any VM prior to booting to the OS regardless or not they have Guest Services enabled, get the time from the Host BIOS.
-
@dbeato said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
I just stood up a 2016 DC. I did nothing at all to it, and by default it uses the PDCE as the
w32tm /query /source.I haven't had a need to stand up a 2016 PDCE, just regular DCs.
I'm going to stand one up in a lab to see what the source is by default.
I could have sworn it was time.windows.com and not CMOS. That was 2012 R2 though, I'm curious now.
It has always been CMOS first, that's why all the systems that lose their time over time are due to that. Also any VM prior to booting to the OS regardless or not they have Guest Services enabled, get the time from the Host BIOS.
That makes sense. The PDCE I set to use ntp.org very well may have said CMOS before I changed it. But regardless, when you join a pc or server to the domain, it automatically is set to use the PDCE as the time source.
-
@obsolesce said in Proper NTP server usage?:
@dbeato said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
I just stood up a 2016 DC. I did nothing at all to it, and by default it uses the PDCE as the
w32tm /query /source.I haven't had a need to stand up a 2016 PDCE, just regular DCs.
I'm going to stand one up in a lab to see what the source is by default.
I could have sworn it was time.windows.com and not CMOS. That was 2012 R2 though, I'm curious now.
It has always been CMOS first, that's why all the systems that lose their time over time are due to that. Also any VM prior to booting to the OS regardless or not they have Guest Services enabled, get the time from the Host BIOS.
That makes sense. The PDCE I set to use ntp.org very well may have said CMOS before I changed it. But regardless, when you join a pc or server to the domain, it automatically is set to use the PDCE as the time source.
Yes, in a domain all computers get the time from a DC.
-
@dbeato said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
@dbeato said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
I just stood up a 2016 DC. I did nothing at all to it, and by default it uses the PDCE as the
w32tm /query /source.I haven't had a need to stand up a 2016 PDCE, just regular DCs.
I'm going to stand one up in a lab to see what the source is by default.
I could have sworn it was time.windows.com and not CMOS. That was 2012 R2 though, I'm curious now.
It has always been CMOS first, that's why all the systems that lose their time over time are due to that. Also any VM prior to booting to the OS regardless or not they have Guest Services enabled, get the time from the Host BIOS.
That makes sense. The PDCE I set to use ntp.org very well may have said CMOS before I changed it. But regardless, when you join a pc or server to the domain, it automatically is set to use the PDCE as the time source.
Yes, in a domain all computers get the time from a DC.
They SHOULD anyway.
-
@scottalanmiller said in Proper NTP server usage?:
@dbeato said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
@dbeato said in Proper NTP server usage?:
@obsolesce said in Proper NTP server usage?:
I just stood up a 2016 DC. I did nothing at all to it, and by default it uses the PDCE as the
w32tm /query /source.I haven't had a need to stand up a 2016 PDCE, just regular DCs.
I'm going to stand one up in a lab to see what the source is by default.
I could have sworn it was time.windows.com and not CMOS. That was 2012 R2 though, I'm curious now.
It has always been CMOS first, that's why all the systems that lose their time over time are due to that. Also any VM prior to booting to the OS regardless or not they have Guest Services enabled, get the time from the Host BIOS.
That makes sense. The PDCE I set to use ntp.org very well may have said CMOS before I changed it. But regardless, when you join a pc or server to the domain, it automatically is set to use the PDCE as the time source.
Yes, in a domain all computers get the time from a DC.
They SHOULD anyway.
Yeah, that's important to note, should is the keyword.
