Windows Server NTP Network Time

Correct time synchronization in an AD domain environment is a prerequisite for stable operation. This article describes how NTP (w32tm) is configured on a Windows Server 2012 (FSMO). As a rule, the PDC operations master is the NTP service server in a forest. A PDC emulator in a domain is synchronized with an external time source. In order for a domain controller to be regarded as a reliable time source, this must be specified explicitly.

In order to make the PDC emulator a reliable time source that regularly synchronizes with time servers on the Internet, the following commands from PowerShell are executed as administrator:

net stop w32time

w32tm /config /syncfromflags:manual /manualpeerlist:"0.ch.pool.ntp.org 1.ch.pool.ntp.org"

w32tm /config /reliable:yes

net start w32time

Show which time server is currently in use.

w32tm /query /source

Execute the time synchronization immediately.

w32tm.exe /resync /rediscover /nowait

The clients and servers in domain forest as well as shared storages can now synchronize the time with the PDC emulator.

The firewall permit UDP port 123 inbound, e.g. allow outgoing.

The NTP configuration can also be done via GPO by calling gpmc.msc.

Following Test Displays a graph of the offset between synchronizing computers.

w32tm /stripchart /computer:pdc.domain.local /samples:1 /dataonly

The configuration can also be checked in the registry.