Configuring Time Service

By default, only the first domain controller or so-called Root domain controller and finally so-called “PDC Emulator” is configured to be a Reliable Time Source.

If it doesn’t exist you need to create it to make it ReliableTimeSource for other client computers and domain controllers.

Let me explain something:

By default client machines use *default heirarchy” to synchronize time. Clients will only sync with their own domain controllers in the domain. This is default bahviour and by design and to keep time closer between all PCs.

PDC is the 2nd highest stratum. Client will try to sync time with their own domain controller *unless* specifically you specify to do so. Becuase PDC is configured an authoritative server by default. It is configured using *ReliableTimeSource” entry in registry.

Stratum:

1     External NTP time source
2     PDC emulator of the forest root domain
3     Domain controllers in the forest root domain or PDC emulators in child domains
4     Workstations and member servers in the forest root domain or domain controllers in child domains
5     Workstations and member servers in child domains

Computers choose a time source according to a specific order of preference. This order, from most preferred to least preferred. The following table displays the preferences for Selecting a Time Source:

Preference     Computer                                     Location      Reliability of Time Source
1     Parent domain controller                              In-site                      Reliable
2     Local domain controller                                In-site                      Reliable
3     Parent domain controller                              In-site                      Not reliable
4     Local PDC emulator                                      In-site                     Not reliable
5     Parent domain controller                               Out-of-site               Reliable
6     Local domain controller                                 Out-of-site               Reliable
7     Parent domain controller                               Out-of-site               Not reliable
8     Local PDC emulator                                      Out-of-site                Not reliable

There is nothing much you need to do with *ReliableTimeSource* entry in registry. Simply edit the value and set it to 1 to make it Reliable time source for all computers in your network.

Moreover, you can also configure your PDC or Root Domain Controller to sync with hardware as a source time server but it is recommended that you configure your PDC to sync with an external time source.

How to configure an Authoritative Time server in Windows 2000:
http://support.microsoft.com/kb/q216734/

2 thoughts on “Configuring Time Service”

  1. how do you add a 1 pulse per second discipline service to a Microsoft PDC acting as its forest’s own reliable time source.

    //tsg

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *