How do I set the time source on my domain controller?

Published by Charlie Davidson on

How do I set the time source on my domain controller?

To configure the PDC in the root of an Active Directory forest to synchronize with an external time source, follow these steps:

  1. Change the server type to NTP.
  2. Set AnnounceFlags to 5.
  3. Enable NTPServer.
  4. Configure the time correction settings.
  5. Close Registry Editor.

How do I sync my domain controller time with external time source?

To configure time synchronization via registry edit on the PDC emulator perform the following action:

  1. Open Registry Editor(regedit.exe)
  2. Navigate to the following registry key: HKLM\System\CurrentControlSet\Services\W32Time\Parameters.
  3. To use a specific NTP source, modify the Type value to NTP.

Where does domain controller get time from?

The domain controller with the PDCe role should sync with an external, reliable time source. This could be an internet time server, a hardware time-keeping device, or an internal NTP server that isn’t part of the domain. From there, the other domain controllers in the domain will sync their time from the PDCe.

How do I set domain time?

To do so, on the client PC, open a command prompt and run the command:

  1. net time. net time.
  2. w32tm /stripchart /computer:time. windows. com /dataonly.
  3. w32tm /config /manualpeerlist:time. windows.
  4. w32tm /config /update. w32tm /config /update.
  5. w32tm /resync. w32tm /resync.
  6. net time \\NETTIMESERVER. DOMAIN.

How do I fix the time on my domain controller?

How to: Fix Time Sync in your Domain (use w32time)

  1. Step 1: Identify your PDC role holder.
  2. Step 2: Identify some authoritative, external time sources to use with NTP.
  3. Step 3: Configure your PDC – (a) register the time service.
  4. Step 4: Configure your PDC – (b) set the time zone.

How do I find my w32tm settings?


  1. Open a command prompt.
  2. Check time sync: w32tm /query /source.
  3. List NTP server list: w32tm /query /peers.
  4. Update the peer list: w32tm /config /update /manualpeerlist:SPACE_LIMITED_NTP_SERVERS /syncfromflags:manual /reliable:yes.
  5. Force sync: w32tm /resync /rediscover.
  6. Check if the server is now using NTP:

How often do domain controllers sync time?

Step 5 – Force the KCC to recalculate the topology It checks and creates the connections between the Domain Controllers. By default KCC runs in the background every 15 minutes to check if a new connection has been established between DCs.

How often does a domain controller sync time?

Why is time important in Windows domain?

A: Windows AD needs timestamps for resolving AD replication conflicts and for Kerberos authentication. Kerberos uses them to protect against replay attacks—where an authentication packet is intercepted on the network and then resent later to authenticate on the original sender’s behalf. risk for replay attacks.

How time Sync works in a domain?

In a forest, the domain controllers of a child domain synchronize time with domain controllers in their parent domains. When a time server returns an authenticated NTP packet to a client that requests the time, the packet is signed by means of a Kerberos session key defined by an interdomain trust account.

How do you sync a domain controller?


  1. Start the Microsoft Management Console (MMC) Active Directory Sites and Services snap-in.
  2. Expand the Sites branch to show the sites.
  3. Expand the site that contains the DCs.
  4. Expand the servers.
  5. Select the server you want to replicate to, and expand the server.
  6. Double-click NTDS Settings for the server.

How do I find my NTP settings?

To verify the NTP server list:

  1. Hold the windows key and press X to bring up the Power User menu.
  2. Select Command Prompt.
  3. In the command prompt window, enter w32tm /query /peers.
  4. Check that an entry is shown for each of the servers listed above.

How do I setup a domain controller?

Set Domain Controller Via Registry Hold the Windows Key and press “R” to bring up the Windows Run dialog . Type “Regedit“, then press “Enter“. Navigate to: HKEY_LOCAL_MACHINE Create a String value called “SiteName“, and set it to the domain controller you wish the computer to connect to.

How to determine your PC domain controller?

How to Determine Your PC Domain Controller. 1. Click the “Start” button, type “cmd” in the Search box at the bottom of the Start menu and press “Enter” to launch the Command Prompt utility. 2. Select this command and press “Ctrl-C” to copy it to the clipboard: 3. Right-click anywhere inside the

Are domain controllers NTP servers?

No, Domain Controller can act as an NTP Server only just for domain-joined computers with Windows OS. If you want other devices to sync their times, you should set up and configure an NTP Server and tell your DC/DCs to sync its time with it.

What can a domain controller do?

A domain controller (DC) is a server that responds to security authentication requests within a Windows Server domain. It is a server on a Microsoft Windows or Windows NT network that is responsible for allowing host access to Windows domain resources. A domain controller is the centerpiece of the Windows Active Directory service.

Categories: Helpful tips