Question about AD Time Sync

  • Thread starter Thread starter Drake
  • Start date Start date
D

Drake

I have a question concerning AD Time sync. We block NTP on our firewalls so
our main DC cannot get out to a tick and tock server to grab time. At this
point we are getting some w32time warnings (Event ID: 31) in our system
logs. We are debating two options one is to open NTP on our firewalls. 2 to
use a 3rd party app to go grab time from a server over http then point our
main dc to that machine for ntp. My question is has anyone used anything
third party apps for that and if not does any one have any best practices
for time sync? I do understand how important time sync is in AD for
replication purposes so any help would be appreciated...
The thrid party app we are looking at is from www.greyware.com
 
Again this is not an add. Just delete the last sentence please and give us
your opinions please. If I add every version of this kind of software will
you believe me?
 
Forget the 3rd party software. Let Microsoft do all of
it for you. This way all of your clients and servers
point towards one server automatically, without any
manual configuration. Yes those errors in the event log
are very annoying, so make the server happy and open the
ports.

ajd
 
So why is your first post, with a name (Drake), and second post
without? Ok, benefit of the doubt.

I would first check if your firewall has a NTP proxy. Some firewalls,
(Symantec formally Raptor) for example, have a secure NTP proxy.

If you're really concerned, perhaps taking a BSD/Linux box and running
only a NTP server on it, and redirect NTP ONLY to that box internally.
Take some old junky machine, and its all free.
 
That is what I thought I already started building a bsd box as a test for
that purpose. I don't see how my question can be mistaken for a
Advertisement just because someone puts a url in a post doesn't mean it is a
ad for that site this is a legit question. All we wanted to know was if
anyone had used that product or could recommend a better product to use (ex.
FreeBSD).

Thanks for the help.
Eric
 
Thank You we are weighing both options. Not sure which one we are going to
come up with but every idea or suggestion is appreciated..

Thanks
Eric
 
Back
Top