The first Domain Controller in a Forest should be configured to use a reliable, external, time source, and usually this DC has the PDC Emulator role. However, if the PDC Emulator role is moved to another DC, it’s best practice to configure that DC to use an external time source, and reconfigure the other DC to synchronize from the domain instead of an external time source.
In short, the DC with the PDC Emulator role should sync externally, and all other DCs and member systems should sync to it.
The following commands work in Windows 2008 (including R2).
Test connectivity to the external time source:
w32tm /stripchart /computer:<external source> /samples:<n> /dataonly
Set the PDC Emulator to use an external time source:
w32tm /config /manualpeerlist:<peers> /syncfromflags:manual /reliable:yes /update
Example of the above commands:
w32tm /stripchart /computer:0.us.pool.ntp.org /samples:5 /dataonly Tracking 0.us.pool.ntp.org [64.6.144.6:123]. Collecting 5 samples. The current time is 5/25/2011 9:33:05 PM. 21:33:05, +00.0181917s 21:33:07, +00.0274447s 21:33:09, +00.0133732s 21:33:11, +00.0256472s 21:33:13, +00.0096342s w32tm /config /manualpeerlist:"0.us.pool.ntp.org 1.us.pool.ntp.org" /syncfromflags:manual /reliable:yes /update The command completed successfully.
Use the following commands on a DC that used to have the PDC Emulator role:
w32tm /config /syncfromflags:domhier /update w32tm /resync /rediscover
Some additional commands:
w32tm /query /configuration w32tm /query /source w32tm /query /peers w32tm /query /status w32tm /resync /nowait
Sometimes the following is needed:
net stop w32time w32tm /unregister w32tm /register net start w32time