Domain-wide Time Synchronization: A Personal Journey – Part 1

Categories: Networking, Virtualization

Ok, this one’s been bugging me for a while. It’s one of those things that is not overly complicated, but just takes some time to dig in and get the process down right. Time synchronization is so important and necessary that we tend to take it for granted and never give it much thought. There are many problems and symptoms that can arise from systems that are out of sync. To the untrained eye, these problems can be difficult to diagnose and correct. But it all boils down to the fact that your Windows clients and servers should all be synchronized to an authoritative network time protocol (ntp) server, based on your Active Directory hierarchy. In a Microsoft Windows Active Directory domain, this is the domain controller that contains the PDC (Primary Domain Controller emulator) role. This system, in turn, should be synchronized with an accurate and dependable Internet NTP server or a physical device, like a GPS.

I am going to attempt to explain the steps required to configure time synchronization in a Microsoft Windows AD domain in the next few posts, but here’s a summary:

1 – configure NTP time source for PDC domain contoller
2 – configure poll interval on member servers (15 minutes; my preference)
3 – ensure that all member servers and workstations are configured for the NTP time source type of “NT5DS”
4 – test and verify time sync