Loading...

Set time on a VMWare hosted domain controller

When you set up a domain controller in VMWare and join machines to it, you will typically need to set an external NTP server for it to communicate with as it will, over time become 1,2,3,4,5 minutes off. I’ve seen this numerous times. There are a few other methods to resolve this, but this is my preferred. (The immediate install won’t have this problem, it will probably crop up about 5 months down the line).

  1. Make sure you are setting this on the domain controller with the FSMO roles.
    netdom /query fsmo
  2. Stop the time service (you will usually get the best results this way)
    net stop w32time
  3. Set the time sources you will use. This site has an excellent list. https://tf.nist.gov/tf-cgi/servers.cgi
    w32tm /config /syncfromflags:manual /manualpeerlist:time.nist.gov
  4. Set your domain controller as a reliable time source for clients connecting.
    w32tm /config /reliable:yes
  5. Start the time service back up
    net start w32time
  6. Force a time update
    w32tm /query /configuration
  7. Verify your work
    w32tm /query /status

This was used on Windows Server 2019 and should work on 2016 as well. Older versions I haven’t used this exact process on.

Leave a Reply