[dcxman]

Morning all.

I have a slight dilemma. I just recently started noticing a hang in the amount of time that it takes for a client to log into the domain. But when I go to check the PDC, all I see in the event viewer under the "System Log" is that "The NTP server didn't respond".

I'm guessing it's some sort of Net Time protocol server? How do I fix it? Why is it asking for it? Do I have to change the MoBo battery?

Sorry to bother you guys.

Thanx in advance.

[ryoko]

well, NTP is network time protocol. I can not recall if you are running win2k or NT. Either way you could check your firewall settings to see if the port is blocked if you want access to an external time server. 2000 depends on all systems having accurate time much more than NT. It has to do with the authentication especially using kerberos security.

Hope this helps.
-Ry

[dcxman]

Thanx again Ryoko.

I do have a Win2K domain setup. You're probably right about the port being blocked off. Our main network area just recently received an Extreme Networks Firewall. I'm pretty sure they're implementing and testing settings. I don't suppose you would know how to setup a Win2K Adv. standalone server for NTP?

Well, thanks again in advance either way.

[clutch]

If you are hosting DHCP from that server, you can set it up to hand out the IP of that server (or any other NTP source you would like) to the clients as the come online. For the server, check out this Technet KB article for more information:

http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q216734&

Go here to see what USNO Time Server you should use (if in the US, of course;)):

http://tycho.usno.navy.mil/ntp.html

And then validate your time against this bad boy right here:

http://www.time.gov/

This should pretty much keep you covered. With respect to the error, it *might* not be any sort of firewall issue, as I get intermittent failures as well when syncing within my domain or to an outside source. Once this is configured, you will probably be fine but you might see those errors occasionally anyway because of network traffic or NTP server overhead at the time of the request. If you want to see if the port is blocked, you can just try "net time <server IP> /set /y" at the command line and see if it will connect. If not, then you may very well be blocked.

[dcxman]

Gives me much better insight into what I'm dealing with here. Although I'm not located in the US but rather Canada in an EST Zone, can I still use that site?

Thanks again.

[clutch]

Yep, you should be fine.

[dcxman]

Just to double check.

In order to set a new NTP server to authenticate time to I would use the net command as follows?:

<PROMPT:/>net time \\192.5.41.40 /setsntp


Is that the right syntax?

If it is I get and error message that says:


"System error 53 has occurred"

"The network path was not found"


Is my port being blocked? The funny thing is that I can ping to it, no problem.


Thanks

[clutch]

When you use the "\\", you are requesting to use NetBIOS resolution/communication, and that isn't what you want with an external source like that. Just use "net time /SETSNTP:192.5.41.40" at the command line and you should be fine.

[dcxman]

I just wanted to give props to Clutch and Ryoko for helping a low level tech down on his luck.

Apparently I was informed by our central network services that the port was blocked for security. So I was given a new internal IP for NTP and am running fine now.

Thanx again.