PDC and Time Server Issues

PDC is one of the most important FSMO roles on your organization.PDC server is responsible for time issues,password changes, Group Policy changes, Microsoft NT 4.0 Server communications.

If you are in the middle of Server 2008 Active Directory upgrading project, probably you’ll move your FSMO roles one by one to the new domain controllers.And one of them is PDC.

I will not discuss move process because there are so much information about it.But if you move your PDC role to the another server, there is one more step to configure.This is about Time Server configuration.

By default, your PDC role is your Time Server and reliable for your clients.All domain clients including additional DC’s receives time updates from PDC holder.

If you have configured an external time server for your PDC, and changed the holder, then you have to configure time server for both new PDC holder and formerly holder.

Former PDC holder , you must specify that it is no longer reliable for your domain clients.To achieve this goal, run the following commands;

w32tm /config /syncfromflags: domhier /reliable:no /update

net stop w32time && net start w32time

On new PDC Emulator;

w32tm /config /manualpeerlist: ntp.xxx.com /syncfromflags:manual /reliable:yes /update

ntp.xxx.com is your external ntp server.

After that , you can run the w32tm /monitor command to check everything is ok.

Leave a Reply

Your email address will not be published. Required fields are marked *

77 − = 73