I'm having a problem where my Primary Domain Controller (PDC) isn't syncing with an NTP server running on Ubuntu. When I check the W32tm settings, it points to the local system clock as the time source, but since it's a virtual machine, I know that's not ideal. When I try to manually update the time via command prompt, it tells me that no time data is available. The NTP server is located behind a firewall in a DMZ, but traffic is flowing through fine. I recently upgraded the NTP servers to Ubuntu 24.04 LTS and switched to using NTPsec, whereas it was on a standard NTP version before. This issue seems to have started after the upgrade. Any ideas on how to diagnose the problem?
5 Answers
What hypervisor are you using? If it's VMware, make sure to uncheck "sync time with host"—that can mess up time on Active Directory Domain Controllers.
In general, it's best not to rely on guest time in a VM. Instead, sync your host's time and ensure it's consistent with what you want.
Try running these commands to set your NTP server in W32tm:
`w32tm /config /manualpeerlist:"ntpserver.contoso.com,0x8" /syncfromflags:manual /update`
`w32tm /config /reliable:yes`
`net stop w32time && net start w32time`
`w32tm /resync`
Also, confirm that UDP port 123 is open to your Ubuntu server for communication.
Check if your VM is configured to force sync with the local hardware clock. It's a common issue that can lead to problems like this. Microsoft advises against syncing domain controllers with the hypervisor and suggests using the Windows domain hierarchy for time synchronization instead.
That makes sense! It sounds like you’ve done some configuration already. Have you also tried checking if that setting is turned on or off?
Here are some places to start troubleshooting:
- Check Ubuntu's system firewall settings.
- Look at NTPsec's configuration for query restrictions (especially `restrict` settings).
- Verify that NTPsec is correctly reporting its stratum from upstream servers.
- Use the `ntpdq` command to check the NTP response.
Yes, I'm using VMware. It worked fine when I first set up these NTP servers on Ubuntu 20.04, but things have gone sideways since the 24.04 upgrade.