NAVIGATION
CATEGORIES
REFERRENCE
LINKS
Time Server for Forest Root PDC
5 answers - 240 bytes -
How have people on this list configured their Forest Root PDC to synchronize
the time service? Is it K. to use an internal time server on a firewall?
Is it best to point to tick.usno.navy.mil or time.windows.com?
TeoNo.1 | | 848 bytes |
| 
The best approach is to setup NTP on the PDC Emulator role Forest Root DC to point to the two IP addresses by IP on the 2 US Naval time servers. It is possible to use an internal server but best to use the external ones, depending on the individual company.
Chuck
Message
From: Teo De Las Heras <teoheras (AT) gmail (DOT) com>
To: ActiveDir (AT) mail (DOT) activedir.org
Sent: Mon, 12 Jun 2006 13:22:33 -0400
Subject: [ActiveDir] Time Server for Forest Root PDC
How have people on this list configured their Forest Root PDC to synchronize the time service? Is it K. to use an internal time server on a firewall? Is it best to point to tick.usno.navy.mil or time.windows.com?
Teo
Check out AL.com today. Breaking news, video search, pictures, email and IM. All on demand. Always Free.No.2 | | 1353 bytes |
| That's how I feel. My argument against using the internal firewall is that
should someone change the firewall (woops) then every PC get's that change.
the other hand, someone making a change to the DC's time should now
enough about AD to not do it. Even then, an alert would be generated (if
configured in MM).
Teo
6/12/06, chuckgaff (AT) aol (DOT) com <chuckgaff (AT) aol (DOT) comwrote:
The best approach is to setup NTP on the PDC Emulator role Forest Root
DC to point to the two IP addresses by IP on the 2 US Naval time
servers. It is possible to use an internal server but best to use the
external ones, depending on the individual company.
Chuck
Message
From: Teo De Las Heras <teoheras (AT) gmail (DOT) com>
To: ActiveDir (AT) mail (DOT) activedir.org
Sent: Mon, 12 Jun 2006 13:22:33 -0400
Subject: [ActiveDir] Time Server for Forest Root PDC
How have people on this list configured their Forest Root PDC to
synchronize the time service? Is it K. to use an internal time server
on a firewall? Is it best to point to tick.usno.navy.mil or
time.windows.com?
Teo
*Check out AL.com today*<%3A%2F%2Fwww%2Eaol%2Ecom>.
Breaking news, video search, pictures, email and IM. All on demand. Always
Free.
--No.3 | | 1147 bytes |
| Message
From: ActiveDir-owner (AT) mail (DOT) activedir.org [mailto:ActiveDir-
owner (AT) mail (DOT) activedir.org] Behalf Teo De Las Heras
Sent: 12 June 2006 18:23
To: ActiveDir (AT) mail (DOT) activedir.org
Subject: [ActiveDir] Time Server for Forest Root PDC
How have people on this list configured their Forest Root PDC to
synchronize the time service? Is it K. to use an internal time
server on a firewall? Is it best to point to tick.usno.navy.mil or
time.windows.com?
I'm coming late to this party but that hasn't stopped me throwing in my
two pennies worth before
We have our own atomic / radio clock here, physically attached to a DC.
The DC it is connected to syncs to this hardware and all our other
servers sync to this DC.
My feeling is that while having the correct time is obviously a very
good thing, what is more important is that all your nodes are consistent
with each other; in other words, I think that what source you pick is
less important than picking just one source and making damn sure every
node uses time that is based off this source.No.4 | | 1625 bytes |
| You do want to choose a reliable source, whatever it is. An external atomic clock is most likely to be reliable so long as you can communicate with it successfully and consistently. It is important to keep internal system clocks in synch.
Chuck
Message
From: Rob MIR <RIM (AT) LutonSFC (DOT) ac.uk>
To: ActiveDir (AT) mail (DOT) activedir.org
Sent: Tue, 13 Jun 2006 11:33:20 +0100
Subject: RE: [ActiveDir] Time Server for Forest Root PDC
Message
From: ActiveDir-owner (AT) mail (DOT) activedir.org [mailto:ActiveDir-
owner (AT) mail (DOT) activedir.org] Behalf Teo De Las Heras
Sent: 12 June 2006 18:23
To: ActiveDir (AT) mail (DOT) activedir.org
Subject: [ActiveDir] Time Server for Forest Root PDC
How have people on this list configured their Forest Root PDC to
synchronize the time service? Is it K. to use an internal time
server on a firewall? Is it best to point to tick.usno.navy.mil or
time.windows.com?
I'm coming late to this party but that hasn't stopped me throwing in my
two pennies worth before
We have our own atomic / radio clock here, physically attached to a DC.
The DC it is connected to syncs to this hardware and all our other
servers sync to this DC.
My feeling is that while having the correct time is obviously a very
good thing, what is more important is that all your nodes are consistent
with each other; in other words, I think that what source you pick is
less important than picking just one source and making damn sure every
node uses time that is based off this source.No.5 | | 1449 bytes |
| Yeah, do what Chuck says. The last thing you want is to be at the mercy
of your firewall admins (if you're not already).
Thanks,
Brian Desmond
brian (AT) briandesmond (DOT) com
c - 312.731.3132
From: ActiveDir-owner (AT) mail (DOT) activedir.org
[mailto:ActiveDir-owner (AT) mail (DOT) activedir.org] Behalf
chuckgaff (AT) aol (DOT) com
Sent: Monday, June 12, 2006 1:16 PM
To: ActiveDir (AT) mail (DOT) activedir.org
Subject: Re: [ActiveDir] Time Server for Forest Root PDC
The best approach is to setup NTP on the PDC Emulator role Forest Root
DC to point to the two IP addresses by IP on the 2 US Naval
time servers. It is possible to use an internal server but best to use
the external ones, depending on the individual company.
Chuck
Message
From: Teo De Las Heras <teoheras (AT) gmail (DOT) com>
To: ActiveDir (AT) mail (DOT) activedir.org
Sent: Mon, 12 Jun 2006 13:22:33 -0400
Subject: [ActiveDir] Time Server for Forest Root PDC
How have people on this list configured their Forest Root PDC to
synchronize the time service? Is it K. to use an internal time server
on a firewall? Is it best to point to tick.usno.navy.mil or
time.windows.com?
Teo
Check out AL.com today
<
=http%3A%2F%2Fwww%2Eaol%2Ecom. Breaking news, video search, pictures,
email and IM. All on demand. Always Free.
QUESTION ON "Windows"
- Visual Basic E-book
- THTTPCli & "false" 404 pages
- DNS - How to tell the static DNS IP-addresses perserver
- What to use with BDS 2006
- DNS - How to tell the static DNS IP-addresses per server
- DNS - How to tell the static DNS IP-addresses per server
- THTTPCli & "false" 404 pages
- DNS Question
- Best Way to Go USA on Student Visa. Apply Today and Get Visa Now.
- DNS - How to tell the static DNS IP-addresses per server
- AD integration
- New ICS-V6 beta
- winsock controls questions
- I need a source code
- PCs hang at "Applying computer settings" after upgradingDCs to 2K3 SP1
- 64-Bit Processors Issue
- OT: Security Policy Thoughts
- LDAP Directory Server Path
- WM vs Flash Media Server
- Logged in user