Windows Server - Time Set Problem on Domain Clients...

Asked By Newman on 15-Sep-11 11:41 AM
I have a Win2003 Server with Active Directory.

The server is synced to an atomic clock, and the domain clients - up
until recently - were syncing with the DC.

SO...

All of a sudden I have a number of client computers that are +10
minutes compared with the DC!!!

If I manually reset, then within minutes they jump ahead +10 min again
and lose access to some network resources.

These are a combination of both old and new computers running Win XP
Pro, Win7 x86, and Win7 x64.

Some computers are less than a year old. Some had their CMOS battery
replaced within the last year - ALL are plugged into APC Smart UPS
units! so the CMOS battery should not even matter.

This is causing major headaches!

I tried taking one of the offending - and critical! - machines out of
the domian, deleteing the computer account in AD, and re-joining - NO
DICE! the problem persists!

ANY ideas (other than those already tired!) would be greatly
appreciated! My users are ticked, and I am about to go into a 2 day
Audit - so they are going to have big issues if I do not solve this.

H-E-L-P!!

Thanks in advance!


Newman replied to Newman on 15-Sep-11 05:47 PM
OK, how obscure is this....


I have Server1 which is the Domain Controller.

I have a HOST system which is NOT joined to the Domain, but it hosts 2
virtualized servers (2003 and 2008).

The virtualized servers *are* joined to the domian.

So here we go..

When the virtualized servers boot, they sync their clocks to the
domain controller.

About two seconds later, they sync to the HOST system!

And, as fate would have it, about half of the computers on our network
are sync'ing their clocks to the virtualized 2003 server rather than
the Domain Controller (virtualized 2003 is only a "member" server, not
a DC).

So it turns out that the HOST system was never configured to sync to
anything! So over the coarse of time, the HOST has drifted to be 10
minutes faster than the domain controller. And once that happened, the
time rippled up to the virtualized servers, which then went off-line
for the rest of the netowrk based on time variance!

ARG!

I have configured the the HOST system to sync to an atomic time
source, and re-synced it - and the virtualized servers - time has
resumed it is shape. :)


Now the other hard question...

Why are half of my client systems sync'ing to the virtualized server
2003 rather than the Domain Controller???

More to point, how do I correct it?

I tried w32tm /resync /rediscover - and they go right back to the
virtual box!

Any ideas??
Previous Windows Server Discussion:  Netdiag /fix equivalent in 2008R2? (Force DC to re-register all DNS entries)