I'm setting up a Domain Controller (DC) as the main NTP server for my network, specifically using the PDC emulator as a reference point. I noticed that the GPO contains options for both enabling the Windows NTP Server and enabling the Windows NTP Client. My question is, if the DC is already set to serve time as an NTP server, do I really need to enable the 'Enable Windows NTP Server' GPO? Most of what I've read focuses on the client side, which makes sense for getting time, but shouldn't I also ensure the NTP server setting is enabled so it can serve time to all other domain clients and DCs?
1 Answer
Honestly, I've never relied on GPOs for NTP setups. I just configure the PDC to sync with an external time source and set it as the authoritative timekeeper for the domain. Then, I set up other DCs to sync from that hierarchy. Generally, everything else will fall into place for Windows clients. For non-Windows systems, though, you might have to manually enter the NTP server details.
Thanks for sharing your approach! If you’re not a fan of GPOs but prefer coding, consider checking out DSC; it can be a great alternative! Thanks again.