NTP (W32tm) issue with Win 2003 PDC

  • Thread starter Thread starter Barkley Bees
  • Start date Start date
B

Barkley Bees

Guest
We are experiencing a problem with NTP in our AD network. Our Win2003 PDC is
configured to get NTP information from our internal core switch. When we
initally set this up it was working fine (see below success W32Time events):
-----------------------
Event ID 37:
The time provider NtpClient is currently receiving valid time data from
###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).

Evenit ID 35:
The time service is now synchronizing the system time with the time source
###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
-----------------------

....but then after 2-3 days it suddenly started failing and ever since we are
getting the following W32Time related errors in the event log:
-----------------------
Event ID 38:
The time provider NtpClient cannot reach or is currently receiving invalid
time data from ###.###.###.###
(ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).

Event ID 47:
Time Provider NtpClient: No valid response has been received from manually
configured peer ###.###.###.###,0x1 after 8 attempts to contact it. This
peer will be discarded as a time source and NtpClient will attempt to
discover a new peer with this DNS name.

Event ID 29:
The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. No
attempt to contact a source will be made for 15 minutes. NtpClient has no
source of accurate time.
-----------------------

1. Performing a dumpreg I get the below output in which nothing appears
amiss: C:\>w32tm /dumpreg /subkey:parameters

Value Name Value Type Value Data
-------------------------------------------------
ServiceMain REG_SZ SvchostEntry_W32Time
ServiceDll REG_EXPAND_SZ C:\WINDOWS\system32\w32time.dll
NtpServer REG_SZ ###.###.###.###,0x1
Type REG_SZ NTP

2. Doing w32tm /monitor outputs the below:

C:\>w32tm /monitor /computers:###.###.###.###
###.###.###.### [###.###.###.###]:
ICMP: 0ms delay.
NTP: +73.9693781s offset from local clock
RefID: (unknown) [127.127.7.1]

3. I then performed a port query and got the below:

C:\>portqry -n ###.###.###.### -e 123 -p UDP
Querying target system called:
###.###.###.###
Attempting to resolve IP address to a name...
Failed to resolve IP address to name
UDP port 123 (ntp service): LISTENING or FILTERED

4. Doing a Resync or Rediscover resulted in the below errors:

C:\>w32tm /resync
Sending resync command to local computer...
The computer did not resync because no time data was available.
-----------------------
C:\>w32tm /resync /rediscover
Sending resync command to local computer...
The computer did not resync because no time data was available.

5. I then turned on debug logging for Windows Time Service
(http://support.microsoft.com/kb/816043/). Here is a sample portion of the
log that is of concern:

148794 01:55:09.1875000s - Packet test 8 failed (bad value for root delay or
root dispersion).
148794 01:55:09.1875000s - Ignoring packet that failed tests from
###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).

I can see in the logs that the PDC is able to communicate with our core
switch but then it spits out the above error message for which I can find no
information whatsoever to help me troubleshoot the issue.

6. I checked over the GPO's being applied to the PDC (C:\>gpresult /z >
c:\gp.txt) to ensure that nothing in the policies (Computer
configuration/Administrative Templates /System/Windows Time service/Time
Providers) would be conflicting with the NTP. I could see nothing that would
be related.

7. I found the following, thread at msfn.org to be extremely helpful:
http://www.msfn.org/board/lofiversion/index.php/t67060.html.
This document was also quite informative:
http://www.mmmug.co.uk/files/216/download.aspx (unfortunately though,
these did not resolve the issue for me).

If anyone has experienced similar issues that can provide some words of
wisdom, I'd much appreciate it (as I'm at my wits end). Thanks very much.
 
RE: NTP (W32tm) issue with Win 2003 PDC

Have you tried this ?

net stop w32time
then run the following command:

W32tm -unregister
W32tm -register

start time service again.

"Barkley Bees" wrote:

> We are experiencing a problem with NTP in our AD network. Our Win2003 PDC is
> configured to get NTP information from our internal core switch. When we
> initally set this up it was working fine (see below success W32Time events):
> -----------------------
> Event ID 37:
> The time provider NtpClient is currently receiving valid time data from
> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>
> Evenit ID 35:
> The time service is now synchronizing the system time with the time source
> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
> -----------------------
>
> ....but then after 2-3 days it suddenly started failing and ever since we are
> getting the following W32Time related errors in the event log:
> -----------------------
> Event ID 38:
> The time provider NtpClient cannot reach or is currently receiving invalid
> time data from ###.###.###.###
> (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>
> Event ID 47:
> Time Provider NtpClient: No valid response has been received from manually
> configured peer ###.###.###.###,0x1 after 8 attempts to contact it. This
> peer will be discarded as a time source and NtpClient will attempt to
> discover a new peer with this DNS name.
>
> Event ID 29:
> The time provider NtpClient is configured to acquire time from one or more
> time sources, however none of the sources are currently accessible. No
> attempt to contact a source will be made for 15 minutes. NtpClient has no
> source of accurate time.
> -----------------------
>
> 1. Performing a dumpreg I get the below output in which nothing appears
> amiss: C:\>w32tm /dumpreg /subkey:parameters
>
> Value Name Value Type Value Data
> -------------------------------------------------
> ServiceMain REG_SZ SvchostEntry_W32Time
> ServiceDll REG_EXPAND_SZ C:\WINDOWS\system32\w32time.dll
> NtpServer REG_SZ ###.###.###.###,0x1
> Type REG_SZ NTP
>
> 2. Doing w32tm /monitor outputs the below:
>
> C:\>w32tm /monitor /computers:###.###.###.###
> ###.###.###.### [###.###.###.###]:
> ICMP: 0ms delay.
> NTP: +73.9693781s offset from local clock
> RefID: (unknown) [127.127.7.1]
>
> 3. I then performed a port query and got the below:
>
> C:\>portqry -n ###.###.###.### -e 123 -p UDP
> Querying target system called:
> ###.###.###.###
> Attempting to resolve IP address to a name...
> Failed to resolve IP address to name
> UDP port 123 (ntp service): LISTENING or FILTERED
>
> 4. Doing a Resync or Rediscover resulted in the below errors:
>
> C:\>w32tm /resync
> Sending resync command to local computer...
> The computer did not resync because no time data was available.
> -----------------------
> C:\>w32tm /resync /rediscover
> Sending resync command to local computer...
> The computer did not resync because no time data was available.
>
> 5. I then turned on debug logging for Windows Time Service
> (http://support.microsoft.com/kb/816043/). Here is a sample portion of the
> log that is of concern:
>
> 148794 01:55:09.1875000s - Packet test 8 failed (bad value for root delay or
> root dispersion).
> 148794 01:55:09.1875000s - Ignoring packet that failed tests from
> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>
> I can see in the logs that the PDC is able to communicate with our core
> switch but then it spits out the above error message for which I can find no
> information whatsoever to help me troubleshoot the issue.
>
> 6. I checked over the GPO's being applied to the PDC (C:\>gpresult /z >
> c:\gp.txt) to ensure that nothing in the policies (Computer
> configuration/Administrative Templates /System/Windows Time service/Time
> Providers) would be conflicting with the NTP. I could see nothing that would
> be related.
>
> 7. I found the following, thread at msfn.org to be extremely helpful:
> http://www.msfn.org/board/lofiversion/index.php/t67060.html.
> This document was also quite informative:
> http://www.mmmug.co.uk/files/216/download.aspx (unfortunately though,
> these did not resolve the issue for me).
>
> If anyone has experienced similar issues that can provide some words of
> wisdom, I'd much appreciate it (as I'm at my wits end). Thanks very much.
>
>
>
>
>
>
 
Re: NTP (W32tm) issue with Win 2003 PDC

have you seen:
http://support.microsoft.com/kb/830092

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* How to ask a question --> http://support.microsoft.com/?id=555375
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Barkley Bees" <barkbees@nomail.com> wrote in message
news:%23SxgM3uuIHA.4772@TK2MSFTNGP03.phx.gbl...
> We are experiencing a problem with NTP in our AD network. Our Win2003 PDC
> is configured to get NTP information from our internal core switch. When
> we initally set this up it was working fine (see below success W32Time
> events):
> -----------------------
> Event ID 37:
> The time provider NtpClient is currently receiving valid time data from
> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>
> Evenit ID 35:
> The time service is now synchronizing the system time with the time source
> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
> -----------------------
>
> ...but then after 2-3 days it suddenly started failing and ever since we
> are getting the following W32Time related errors in the event log:
> -----------------------
> Event ID 38:
> The time provider NtpClient cannot reach or is currently receiving invalid
> time data from ###.###.###.###
> (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>
> Event ID 47:
> Time Provider NtpClient: No valid response has been received from
> manually configured peer ###.###.###.###,0x1 after 8 attempts to contact
> it. This peer will be discarded as a time source and NtpClient will
> attempt to discover a new peer with this DNS name.
>
> Event ID 29:
> The time provider NtpClient is configured to acquire time from one or more
> time sources, however none of the sources are currently accessible. No
> attempt to contact a source will be made for 15 minutes. NtpClient has no
> source of accurate time.
> -----------------------
>
> 1. Performing a dumpreg I get the below output in which nothing appears
> amiss: C:\>w32tm /dumpreg /subkey:parameters
>
> Value Name Value Type Value Data
> -------------------------------------------------
> ServiceMain REG_SZ SvchostEntry_W32Time
> ServiceDll REG_EXPAND_SZ C:\WINDOWS\system32\w32time.dll
> NtpServer REG_SZ ###.###.###.###,0x1
> Type REG_SZ NTP
>
> 2. Doing w32tm /monitor outputs the below:
>
> C:\>w32tm /monitor /computers:###.###.###.###
> ###.###.###.### [###.###.###.###]:
> ICMP: 0ms delay.
> NTP: +73.9693781s offset from local clock
> RefID: (unknown) [127.127.7.1]
>
> 3. I then performed a port query and got the below:
>
> C:\>portqry -n ###.###.###.### -e 123 -p UDP
> Querying target system called:
> ###.###.###.###
> Attempting to resolve IP address to a name...
> Failed to resolve IP address to name
> UDP port 123 (ntp service): LISTENING or FILTERED
>
> 4. Doing a Resync or Rediscover resulted in the below errors:
>
> C:\>w32tm /resync
> Sending resync command to local computer...
> The computer did not resync because no time data was available.
> -----------------------
> C:\>w32tm /resync /rediscover
> Sending resync command to local computer...
> The computer did not resync because no time data was available.
>
> 5. I then turned on debug logging for Windows Time Service
> (http://support.microsoft.com/kb/816043/). Here is a sample portion of
> the log that is of concern:
>
> 148794 01:55:09.1875000s - Packet test 8 failed (bad value for root delay
> or root dispersion).
> 148794 01:55:09.1875000s - Ignoring packet that failed tests from
> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>
> I can see in the logs that the PDC is able to communicate with our core
> switch but then it spits out the above error message for which I can find
> no information whatsoever to help me troubleshoot the issue.
>
> 6. I checked over the GPO's being applied to the PDC (C:\>gpresult /z >
> c:\gp.txt) to ensure that nothing in the policies (Computer
> configuration/Administrative Templates /System/Windows Time service/Time
> Providers) would be conflicting with the NTP. I could see nothing that
> would be related.
>
> 7. I found the following, thread at msfn.org to be extremely helpful:
> http://www.msfn.org/board/lofiversion/index.php/t67060.html.
> This document was also quite informative:
> http://www.mmmug.co.uk/files/216/download.aspx (unfortunately
> though, these did not resolve the issue for me).
>
> If anyone has experienced similar issues that can provide some words of
> wisdom, I'd much appreciate it (as I'm at my wits end). Thanks very much.
>
>
>
>
>
 
Re: NTP (W32tm) issue with Win 2003 PDC

I tried this but to no avail. I found that the cause was that the switch it
was getting the time from was too far ahead (~8 minutes) so the PDC would
not sync with it and output the below:

C:\>w32tm /resync
Sending resync command to local computer...
The computer did not resync because no time data was available.

As soon as the switch was fixed to sync correctly from it source time server
the PDC was then able to successfully resync.

I have now noticed another problem though. Now the client PC's (and our
other 2 DC's) are showing W32Time errors in their event logs:

-----------------------

Event ID: 24

Time Provider NtpClient: No valid response has been received from domain
controller 'PDC name' after 8 attempts to contact it. This domain controller
will be discarded as a time source and NtpClient will attempt to discover a
new domain controller from which to synchronize.
-----------------------

Event ID: 29

The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. No
attempt to contact a source will be made for 15 minutes. NtpClient has no
source of accurate time.

-----------------------


And now our other two DC's (not PDC) are showing:

-----------------------

Oh, the fun never ends!


"Rj" <Rj@discussions.microsoft.com> wrote in message
news:76CF93BF-CA50-45C8-8FD9-B7B894B148B8@microsoft.com...
> Have you tried this ?
>
> net stop w32time
> then run the following command:
>
> W32tm -unregister
> W32tm -register
>
> start time service again.
>
> "Barkley Bees" wrote:
>
>> We are experiencing a problem with NTP in our AD network. Our Win2003 PDC
>> is
>> configured to get NTP information from our internal core switch. When we
>> initally set this up it was working fine (see below success W32Time
>> events):
>> -----------------------
>> Event ID 37:
>> The time provider NtpClient is currently receiving valid time data from
>> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>>
>> Evenit ID 35:
>> The time service is now synchronizing the system time with the time
>> source
>> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>> -----------------------
>>
>> ....but then after 2-3 days it suddenly started failing and ever since we
>> are
>> getting the following W32Time related errors in the event log:
>> -----------------------
>> Event ID 38:
>> The time provider NtpClient cannot reach or is currently receiving
>> invalid
>> time data from ###.###.###.###
>> (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>>
>> Event ID 47:
>> Time Provider NtpClient: No valid response has been received from
>> manually
>> configured peer ###.###.###.###,0x1 after 8 attempts to contact it. This
>> peer will be discarded as a time source and NtpClient will attempt to
>> discover a new peer with this DNS name.
>>
>> Event ID 29:
>> The time provider NtpClient is configured to acquire time from one or
>> more
>> time sources, however none of the sources are currently accessible. No
>> attempt to contact a source will be made for 15 minutes. NtpClient has no
>> source of accurate time.
>> -----------------------
>>
>> 1. Performing a dumpreg I get the below output in which nothing appears
>> amiss: C:\>w32tm /dumpreg /subkey:parameters
>>
>> Value Name Value Type Value Data
>> -------------------------------------------------
>> ServiceMain REG_SZ SvchostEntry_W32Time
>> ServiceDll REG_EXPAND_SZ C:\WINDOWS\system32\w32time.dll
>> NtpServer REG_SZ ###.###.###.###,0x1
>> Type REG_SZ NTP
>>
>> 2. Doing w32tm /monitor outputs the below:
>>
>> C:\>w32tm /monitor /computers:###.###.###.###
>> ###.###.###.### [###.###.###.###]:
>> ICMP: 0ms delay.
>> NTP: +73.9693781s offset from local clock
>> RefID: (unknown) [127.127.7.1]
>>
>> 3. I then performed a port query and got the below:
>>
>> C:\>portqry -n ###.###.###.### -e 123 -p UDP
>> Querying target system called:
>> ###.###.###.###
>> Attempting to resolve IP address to a name...
>> Failed to resolve IP address to name
>> UDP port 123 (ntp service): LISTENING or FILTERED
>>
>> 4. Doing a Resync or Rediscover resulted in the below errors:
>>
>> C:\>w32tm /resync
>> Sending resync command to local computer...
>> The computer did not resync because no time data was available.
>> -----------------------
>> C:\>w32tm /resync /rediscover
>> Sending resync command to local computer...
>> The computer did not resync because no time data was available.
>>
>> 5. I then turned on debug logging for Windows Time Service
>> (http://support.microsoft.com/kb/816043/). Here is a sample portion of
>> the
>> log that is of concern:
>>
>> 148794 01:55:09.1875000s - Packet test 8 failed (bad value for root delay
>> or
>> root dispersion).
>> 148794 01:55:09.1875000s - Ignoring packet that failed tests from
>> ###.###.###.### (ntp.m|0x1|###.###.###.###:123->###.###.###.###:123).
>>
>> I can see in the logs that the PDC is able to communicate with our core
>> switch but then it spits out the above error message for which I can find
>> no
>> information whatsoever to help me troubleshoot the issue.
>>
>> 6. I checked over the GPO's being applied to the PDC (C:\>gpresult /z >
>> c:\gp.txt) to ensure that nothing in the policies (Computer
>> configuration/Administrative Templates /System/Windows Time service/Time
>> Providers) would be conflicting with the NTP. I could see nothing that
>> would
>> be related.
>>
>> 7. I found the following, thread at msfn.org to be extremely helpful:
>> http://www.msfn.org/board/lofiversion/index.php/t67060.html.
>> This document was also quite informative:
>> http://www.mmmug.co.uk/files/216/download.aspx (unfortunately
>> though,
>> these did not resolve the issue for me).
>>
>> If anyone has experienced similar issues that can provide some words of
>> wisdom, I'd much appreciate it (as I'm at my wits end). Thanks very much.
>>
>>
>>
>>
>>
>>
 
Re: NTP (W32tm) issue with Win 2003 PDC

In news:OdMrF6AwIHA.576@TK2MSFTNGP05.phx.gbl,
Barkley Bees <barkbees@nomail.com> typed:
> I tried this but to no avail. I found that the cause was that the
> switch it was getting the time from was too far ahead (~8 minutes) so
> the PDC would not sync with it and output the below:
>
> C:\>w32tm /resync
> Sending resync command to local computer...
> The computer did not resync because no time data was available.
>
> As soon as the switch was fixed to sync correctly from it source time
> server the PDC was then able to successfully resync.
>
> I have now noticed another problem though. Now the client PC's (and
> our other 2 DC's) are showing W32Time errors in their event logs:
>
> -----------------------
>
> Event ID: 24
>
> Time Provider NtpClient: No valid response has been received from
> domain controller 'PDC name' after 8 attempts to contact it. This
> domain controller will be discarded as a time source and NtpClient
> will attempt to discover a new domain controller from which to
> synchronize. -----------------------
>
> Event ID: 29
>
> The time provider NtpClient is configured to acquire time from one or
> more time sources, however none of the sources are currently
> accessible. No attempt to contact a source will be made for 15
> minutes. NtpClient has no source of accurate time.
>
> -----------------------
>
>
> And now our other two DC's (not PDC) are showing:
>
> -----------------------
>
> Oh, the fun never ends!




Have you tried restarting the time service on the DC holding the PDC
Emulator role?

In a command prompt:
net stop w32time
net start w32time

--
Regards,
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT,
MVP Microsoft MVP - Directory Services
Microsoft Certified Trainer

For urgent issues, you may want to contact Microsoft PSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Infinite Diversities in Infinite Combinations
 

Similar threads

R
Time sync won't change from NT5DS
Replies
0
Views
271
RLAGroup
R
G
Windows 10 Windows Time Service - Prioritizing NTP Server Polling
Replies
0
Views
109
Gabe808
G
R
Malware or Hardware Defect or both?
Replies
0
Views
427
RobertBantele
R
V
Memory dumps to study a high-CPU performance issue
Replies
0
Views
263
Viorel-Alexandru
V
S
Windows Defender Fails to Start Event 5008
Replies
0
Views
160
spartan223193
S
Back
Top