K
Keith
Thanks for the help. Port 123 is open to send/receive.
Not sure what you mean about the NAT between the DC and
the local loop though. How would I forward a port?
I checkd the registry, LocalNTP is set to Hex=0. Is
that 'yes'?
I did stop and restart w32time, but still have the same
incorrect time.
Perhaps I do have a NAT? How can I check that?
thanks,
Keith
Not sure what you mean about the NAT between the DC and
the local loop though. How would I forward a port?
I checkd the registry, LocalNTP is set to Hex=0. Is
that 'yes'?
I did stop and restart w32time, but still have the same
incorrect time.
Perhaps I do have a NAT? How can I check that?
thanks,
Keith
-----Original Message-----
I assume you are doing a compare with an atomic clock?
If so, then something, somewhere, isn't working on your
NTP rig.
My rig:
a) Tell your firewall to be nice to TCP/UDP port 123
packets (I beleive you can get by on just UDP...never
tried).
b) Only use the external NTP source on a DC (as you have);
if there's any NAT between DC and your local loop, forward
the port.
c) On the DC, set the "LocalNTP=yes" in the registry.
d) You have correct syntax, so no worries there [I use
ntp2.usno.navy.mil].
4) Do "net stop w32time" and "net start w32time" to
immediately kick things off on your new internal NTP
server.
5) On Client boxes, do "net stop w32time", "net
time /setsntp:<your NTP server>", and finally "net start
w32time" for an immediate synch.
In the meantime, relax your Kerberos Policy for the extra
couple of minutes you are currently "out".
-----
David
-----Original Message-----
I have set the time service sync on a domain controller
using the 'net time /setsntp:sourcename' command, but it
has not updated to the coorect time on that external
source. We are still 6-7 minutes behind the time that is
coming from the external source. How can I get the DC to
refresh and start pulling the correct time from the
external source? (I am using time- a.timefreq.bldrdoc.gov
as the external source.)