Here is a scenario that I have run into a few times: an Active Directory environment where the PDC (Primary Domain Controller) Emulator role is hosted on a virtualized domain controller running on Hyper-V. It is perfectly acceptable to do this; however, it is very likely that the environment will suffer from time drift. In some cases this can be a big problem. Here is a solution I have tested and found to work well.
- Remove time synchronization for the PDC Emulator in Hyper-V:
  - In the Hyper-V management console, go to the settings for the PDC Emulator domain controller.
  - Select Integration Services and uncheck Time synchronization.
- Set the PDC Emulator to synchronize with an external source:
  - Connect to the PDC Emulator.
  - Download and run the following Microsoft fix it.* Set the NtpServer to us.pool.ntp.org,0x1
  - Run the following commands in an administrative command window:
    - net start w32time
    - w32tm /config /manualpeerlist:"us.pool.ntp.org,0x1" /syncfromflags:MANUAL /reliable:yes
    - w32tm /config /update
    - w32tm /resync
    - w32tm /resync /rediscover
  - In the same command window run w32tm /query /status. At this point the source should be us.pool.ntp.org.
- Set the peer domain controllers to sync with the PDC Emulator:
  - Connect to each peer domain controller and run the following commands in an administrative command window:
    - w32tm /config /syncfromflags:DOMHIER /update
    - net stop w32time && net start w32time
    - w32tm /resync /force
* If the link no longer works, then go here and choose the fix it for me under “Configuring the Windows Time service to use an external time source.”
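
To confirm the result of the steps above, the following PowerShell function (an added example, not part of the original post) reads the Source line from w32tm /query /status and flags a domain controller that still follows the Hyper-V host or its own local clock. The function name, the constructed sample output and the reliance on English w32tm output are assumptions of this example.

```powershell
# Added example, not from the original post. Assumes English w32tm output.
function Test-TimeSource {
    param(
        [Parameter(Mandatory)][string[]]$StatusText,   # lines of `w32tm /query /status`
        [Parameter(Mandatory)][ValidateSet('PDC', 'Peer')][string]$Role,
        [string]$ExpectedNtp = 'us.pool.ntp.org'        # peer configured in the steps above
    )
    # Pull the value of the "Source:" line.
    $source = $null
    foreach ($line in $StatusText) {
        if ($line -match '^\s*Source:\s*(.+?)\s*$') { $source = $Matches[1]; break }
    }

    $problem = $null
    if (-not $source) {
        $problem = 'no Source line in the output'
    } elseif ($source -like 'VM IC Time Synchronization Provider*') {
        $problem = 'still syncing from the Hyper-V host (integration service enabled)'
    } elseif ($source -match 'Local CMOS Clock|Free-running System Clock') {
        $problem = 'running on the local clock, no time source in use'
    } elseif ($Role -eq 'PDC' -and $source -notlike "$ExpectedNtp*") {
        $problem = "PDC Emulator source is not $ExpectedNtp"
    } elseif ($Role -eq 'Peer' -and $source -like "$ExpectedNtp*") {
        $problem = 'peer syncs from the external source, not the domain hierarchy'
    }
    [pscustomobject]@{ Role = $Role; Source = $source; Ok = (-not $problem); Problem = $problem }
}

# Constructed sample output: a correctly configured PDC Emulator, and a peer
# that still follows the Hyper-V host.
$pdcSample = @'
Leap Indicator: 0(no warning)
Stratum: 3 (secondary reference - syncd by (S)NTP)
Source: us.pool.ntp.org,0x1
Poll Interval: 10 (1024s)
'@ -split '\r?\n'
$peerSample = @'
Leap Indicator: 0(no warning)
Stratum: 2 (secondary reference - syncd by (S)NTP)
Source: VM IC Time Synchronization Provider
Poll Interval: 6 (64s)
'@ -split '\r?\n'

Test-TimeSource -StatusText $pdcSample -Role PDC
Test-TimeSource -StatusText $peerSample -Role Peer

# On a live domain controller, from an elevated prompt:
# Test-TimeSource -StatusText (w32tm /query /status) -Role PDC
```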