    I've been having problems with our network time server setup for a while now and just when it seems that it has been resolved another issue pops up. I really need to nip this in the butt soon so I can move on and not worry about this stuff any more...

    Here's our current setup:
    2 - Server 2008 STD Domain Controllers (dc1 and dc2)
    A bunch of Windows XP clients and most servers running Server 2003

    It is my understanding that by default all clients will point to the PDC to sync the time from. My PDC is dc1.

    If all clients point to dc1 for time then I want dc1 pointing to dc2 and dc2 pointing to

    I have verified that there is nothing configured in Group Policy for the Windows Time Service

    Here's what I've done:
    1) On dc1 and dc2 I have run the W32tm /unregister, wait a couple of minutes, run the W32tm /register to wipe all out previous settings.
    2) On dc1 (PDC) I ran the w32tm /configure /manualpeerlist: /syncfromflags:manual /update
    ( is the IP address of dc2)
    3) On dc2 I ran the w32tm /configure /,0◊1 /syncfromflags:manual /update

    So far I believe that I have now correctly pointed dc1 (the PDC) to get the time from dc2.
    Dc2 should now be set to get its time from

    Can anyone verify that what I have done is correct?

    What has started happening recently is that remote users/laptops go out of the office and since they are not connected to the domain they cannot contact our domain controllers. If the time gets out of sync the wireless adapter shuts off. What are some best practices for laptops/remote users when it comes to time servers and them being off the domain?

    Many thanks in advance

    This might tell you how the sync works...

    Other domain controllers in the forest root domain and PDC Emulators in child domains use W32Time to poll the PDC Emulator in the forest root domain periodically to ensure their clocks remain synchronized. Workstations and member servers then poll domain controllers in their domains to synchronize their own clocks, with the result being that all computers in the forest synchronize their clocks, either directly or indirectly, with the PDC Emulator in the forest root domain
      Thank you Dumber, it appears that I might have been on the wrong track.
      What I was trying to do was have only 1 DC go out to the external clock as opposed to both.

      After reading the article found at the link you provided my understanding is now this:
      All clients within the network will look to Domain Controllers for their timing. My secondary domain controller is now looking for the PDC to get its time. My PDC (dc1) is now looking to for its time.

      So far all the servers appear to be looking at the correct place for their time.

      My question now:
      What is best practice for laptops?
      My laptop is looking for the DC while off network and because it cannot find it I'm having problems after problems (namely that the wireless connection will not work)
      What is your company doing or are you not experiencing this?


        What I was trying to do was have only 1 DC go out to the external clock as opposed to both.
        That's right, you only need to configure the pdc on the root domain with the external time source. The rest of the network then will sync with that as per the hierarchy rule explained before. You don't need to do anything, the windows time service (W32Time) takes care of that.
        Also, how long are the laptops going to stay of the network for?
        Again, providing the w32time service did configure the time initially on the clients, it should be set even if the time source (DC) isn't reachable.
        I might be missing something but I can't see the connection between the wireless dropping and the time skew! what exactly are you experiencing with the wireless?
          This is pretty weird but a while back my boss got a call about a program not being able to run. Turned out that the system time was off on this laptop and because the time was off a logon script that maps network drives wouldn't successfully complete and the program wouldn't run (data files on network).

          Last week I was at home and got a call from a lady that took a laptop to Vegas. She said that the wireless icon had a red X over it and I walked her through everything to get it back up and working to no avail. Once I got the laptop in my hands in the office I noticed a ton of w32 errors in the system log during the same exact time she was having problems in Vegas. Once I plugged the laptop up to the network the w32 errors stopped and the wireless came right back on without me having to do anything.

          It appears that if the system time is off by X amount we cannot map network drives and the wireless adapter hides itself (still shows in hardware manager, still shows in network connections, etc.)

          so weird...
          your thoughts?


            Drives won't map because authentication will fail (Kerberos relies on 2 peers being synchronised) but unless you're using enterprise-grade wireless security, that shouldn't be affected. It certainly shouldn't do what you're seeing, as far as I know.
