First of all, I apologize if this is not the right forum to post this question. I didn't see one that seemed any more appropriate.
Some background...
I just started working for a new company a month ago. Though I did not get hired on to be a network admin, the day before I started the company fired the current network admin so I was immediately promoted into that postion on day 1. I would say I have some basic junior level network admin experience.
So from day 1, I noticed that the time on my PC was off by 5 minutes. I soon discovered that the clocks on all the PC's and servers on our domain run 5 minutes slow. I have no idea how it was all initially set up but in doing some research, this is what I've found...
DomainController1 holds all the FSMO roles.
DomainController2 does DHCP and DNS
When I do a net time /querysntp command from any PC on the domain, the response is time.windows.com. According to what I've read on the internet, time.windows.com is unreliable.
When I do a net time command from the PC's on the domain, I get a response of DomainController2.
When I do a net time /querysntp from DomainController2 I get a response of time.windows.com
When I do that some command on DomainController1, I get a response of "This server is not currently configured to use a specific SNTP server".
So from what I can gather, DomainController2 is providing the time for the network and it is getting the time from time.windows.com.
My question is how do I change that to pull the time from something more accurate? Are there any adverse effects I should be concerned about? I know there are security/Kerberos issues when network time is not in sync.
I'm concerned that DomainController1, which holds all the FSMO roles, is not configured to use a time server so therefore when I update the time source on DomainController2, DomainController1 will not get updated and start causing some serious problems.
Any help would be appreciated. And sorry for the long post.
Thanks.
Some background...
I just started working for a new company a month ago. Though I did not get hired on to be a network admin, the day before I started the company fired the current network admin so I was immediately promoted into that postion on day 1. I would say I have some basic junior level network admin experience.
So from day 1, I noticed that the time on my PC was off by 5 minutes. I soon discovered that the clocks on all the PC's and servers on our domain run 5 minutes slow. I have no idea how it was all initially set up but in doing some research, this is what I've found...
DomainController1 holds all the FSMO roles.
DomainController2 does DHCP and DNS
When I do a net time /querysntp command from any PC on the domain, the response is time.windows.com. According to what I've read on the internet, time.windows.com is unreliable.
When I do a net time command from the PC's on the domain, I get a response of DomainController2.
When I do a net time /querysntp from DomainController2 I get a response of time.windows.com
When I do that some command on DomainController1, I get a response of "This server is not currently configured to use a specific SNTP server".
So from what I can gather, DomainController2 is providing the time for the network and it is getting the time from time.windows.com.
My question is how do I change that to pull the time from something more accurate? Are there any adverse effects I should be concerned about? I know there are security/Kerberos issues when network time is not in sync.
I'm concerned that DomainController1, which holds all the FSMO roles, is not configured to use a time server so therefore when I update the time source on DomainController2, DomainController1 will not get updated and start causing some serious problems.
Any help would be appreciated. And sorry for the long post.
Thanks.