NTP Time sync to Domain Server

Eric Pearson 20 Reputation points
2023-03-24T20:08:43.9866667+00:00

Hello,

Ok my setup is I have a Windows Server 2019 server. This server is part of my Domain, but is not a Domain Controller and cannot be one.

I then have a Windows 10 v21H2 client system.

What I am trying to do is to use the Windows Server as the NTP server for the Windows 10 client.

If I remove the Server from the domain, this works fine. I can make time changes on the client system and then reboot and see the system re-sync to the server.

However, once I put the Windows Server on the domain this no longer works. The client no longer is able to sync with the server.

Does anyone know why this is? Is there any fix to this?

I need the Client to sync to the server for log file purposes. We need to be able to see the logs on each system and they need to match exactly.

Thanks.

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,397 questions
0 comments No comments
{count} votes

Accepted answer
  1. Dave Patrick 425.7K Reputation points MVP
    2023-03-24T20:42:46.25+00:00

    So I'd do a

    netstat -aon>C:\netstat.txt
    

    then look for a line in the file similar to

      UDP    0.0.0.0:123            *:*                                    256
    
    

    then use Task Manager\Processes tab to see that the PID is for Windows Time service

    enter image description here

    then you can use prtqry tool to check from the 10 client.
    https://learn.microsoft.com/en-US/troubleshoot/windows-server/networking/portqry-command-line-port-scanner-v2#step-2-specialized-tests

    -

    --please don't forget to upvote and Accept as answer if the reply is helpful--


5 additional answers

Sort by: Most helpful
  1. Dave Patrick 425.7K Reputation points MVP
    2023-03-24T20:15:13.6933333+00:00

    The client no longer is able to sync with the server.

    What problem are you having? The network firewall profile changes when you join a domain so make sure the require port is flowing between any network routes and is open on any firewalls including the windows firewalls. UDP 123 Also when you join a domain the member begins to use NT5DS and sync itself with a domain controller.

    Some general info

    0 comments No comments

  2. Eric Pearson 20 Reputation points
    2023-03-24T20:19:19.2633333+00:00

    Hello,

    The problem I am having is that now that the Windows Server has been added to the domain, the client system is no longer synching with it. I have checked the firewall on both devices and I have the UDP port 123 open on both. I also did a test of turning off the firewall to confirm that was not the issue. That did not fix the problem.

    The client system is not on the domain and cannot be put on the domain. So syncing with the Domain Controller is not an option.

    Thanks.


  3. Eric Pearson 20 Reputation points
    2023-03-24T20:24:34.9+00:00

    Yes, and it is set to Automatic, so it starts on power up.

    Thanks.

    0 comments No comments

  4. Eric Pearson 20 Reputation points
    2023-03-27T12:51:26+00:00

    Hello,

    I did not have time to look at this over the weekend I will be testing the steps you listed above later today or tomorrow morning. When I do i will respond with what i find.

    Thanks.