Over the past month I've run into a number of clients who's server time is off causing all sorts of problems. This is important because of added security measures that have been added to network systems over the past 10 years or so. In the case of Windows networks, if the time on your workstation is off by more than 5 minutes from the network then you may not be able to connect to network resources, be unable to login, etc...
One of the best ways to solve this is to have your PDC emulator (one of the FSMO roles in Windows Active Directory) synchronize with a reliable time source (i.e. the national Atomic Clock). You can do this by executing the following command at an elevated command prompt:
w32tm /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:yes /update
If you don't want to use windows as your reliable time source, you can substitute a different server (instead of time.windows.com you could use tick.usno.navy.mil or tock.usna.navy.mil)
Once your PDC emulator is synchronizing its time from an atomic clock, you can then add a line in your login script to force machines when logged in to sync their time with the domain. (Windows will normally do that automatically, but you can force it if you want).
Subscribe to:
Post Comments (Atom)
I forgot, you can find Microsoft's article on how to do this at the following link:
ReplyDeletehttp://social.technet.microsoft.com/Forums/en-US/winservergen/thread/96278628-03a1-4b3d-90d9-2208a65a1210/