![]() Windows expects a space-delimited list of DNS host names with the hexadecimal value 0x1 appended to each one (don’t even ask). To do this, we modify the NtpServer value at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters. To do this we must change the value data of the Enabled value at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\įourth, we need to specify our external time sources. Change the AnnounceFlags value at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags to 5. Second, we need to set the proper NTP announce flag. This setting reflects use of the Network Time Protocol, an industry standard protocol for time synchronization and management. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Timeįirst, we must change the server type to NTP by modifying the Type value at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type. To this end, you might want to create a Registry backup before proceeding with this work.Īll of the following value changes are stored in the following Registry root path: Pointing our domain authoritative time server (the PDC Emulator role holder, recall) at an external time source requires some tinkering with the Windows Registry. Configuring the authoritative time server for the domain A bit of complexity comes in when we want our authoritative server to synchronize its system clock with an external time source. ![]() NOTE: You can ascertain the domain controller that holds the PDC Emulator role by opening an administrative command prompt on any domain controller and issuing the command dsquery server –hasfsmo pdc.Īll of the previously described behavior happens “out of the box,” with no special configuration required on the part of the Windows systems administrator. PDC Emulators and domain controllers from other domains (C) synchronize their clocks with either forest root domain controllers or the forest root PDC Emulator. In turn, domain member servers (D) and domain workstations (E) synchronize their time with any available domain controller. Other domain controllers within the domain (B) synchronize their time with the PDC Emulator. In the above diagram, the forest root PDC Emulator (A) serves time for the entire forest. Default time sync behavior in Active Directory ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |