Domain controllers
It is ONLY the domain controller holding the PDC role that should use external NTP. All the other domain controllers should sync with PDC domain controller. To find the server holding the PDC role run
netdom /query fsmo
On the domain controller holding the FSMO role you should configure NTP with this command
w32tm /config /manualpeerlist:"1.no.pool.ntp.org 2.no.pool.ntp.org" /syncfromflags:manual /reliable:yes /update
On the other domain controllers configure NTP with this command
w32tm /config /syncfromflags:domhier /reliable:no /update
Servers
On the servers in the domain you should configure NTP with this command
w32tm /config /syncfromflags:domhier /update
Servers outside the domnain should use this:
w32tm /config /manualpeerlist:"IP" /syncfromflags:manual /reliable:yes /update
Some info
All the above configuration has to be followed by the command below to take effect
net stop w32time
net start w32time
If you wan’t to query a NTP source run this
w32tm /monitor /computers:p2dc02.corp.local,ntp.as2116.net
If w32tm don’t exist as a service
%windir%\system32\w32tm /register
Thnx to Henning Ims for this fantastic solution. 🙂
