Best practice for external NTP Server on Windows AD network

windows ntp active-directory domain-controller time-synchronization

Solution 1:

The best practice is to disable the Time synchronization Hyper-V Integration Service for all virtual machines that are members of the AD domain.

The best practice is to sync your Hyper-V hosts to the AD domain if they're members of the domain:

net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /config /syncfromflags:DOMHIER /update
net stop w32time
net start w32time

The best practice is to sync your non-PDCe Domain Controllers to the AD domain:

net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm /config /syncfromflags:DOMHIER /update
net stop w32time
net start w32time

The best practice is to sync your PDCe Domain Controller to an external time source:

net stop w32time
w32tm /unregister
w32tm /register
net start w32time
w32tm.exe /config /manualpeerlist:time.windows.com /syncfromflags:manual /reliable:YES /update
net stop w32time
net start w32time

Related

Docker - No Outbound Traffic / Bridge Only Works When in Promiscuous Mode
When a website is hit from two different browsers running on same computer. what are the properties that differ?
How to force Dovecot to reindex raw email files?
Multicast not working on macvtap device
Checking python version through ansible results into error
TLS for spesific relayhost on postfix
chrony does not log anything on my ec2 instance
remote desktop access colocated windows server?
Multiple Remote Desktop Connection in Windows Server 2003?
Hybrid Exchange - 3 step deprovisioning necessary when using archive
Can I use "Windows Server Backup function" or "wbadmin" to backup MariaDB?
Is Alpine Linux a bad choice for a server?