36.1 C
Monday, June 17, 2024

Configuring NTP with Master Clock in Isolated Network

Typically in Active Directory Based Environment – Primary Domain Controller (PDC) will be the master for Time and all other domain joined machines will receive time from the master.

Login to Primary Domain Controller (PDC) which holds PDC Emulator Role – In my Case its an Windows Server 2012 R2 or above.

To Find who is holding the PDC Role – Login to Active Directory –

netdom query fsmo


To Set NTP on a Isolated network –  (Same Process Applies on a network with Internet Connectivity just the NTP IP differs)

Setting as my NTP Source for my primary Domain Controller

Open PowerShell Run as Administrator

w32tm /config /manualpeerlist:"",0x8 /syncfromflags:manual /reliable:yes /update
Get-Service W32time | Restart-Service

Note : UDP Port 123 Should be open

Verify Time Source Applied Properly –

w32tm /query /source


To Resync Time with the NTP –

w32tm /resync


To Check Clock Type –

w32tm /query /peers


Verify NTP is ok and we can receive time from NTP

w32tm /stripchart /computer: /dataonly


For Debugging NTP w32tm

w32tm /debug /enable /file:Deb.log /entries:300 /size:100

W32tm Registry Location –



Had to use a Custom NTP Appliance from Master Clock  which acts as an NTP in a isolated Environment.

Download Win discovery from Master Clock Site.

Enter Global Password – Default public

Exit Win discovery Open it again.

Discover – Enter Network Configuration for Static IP


Administrative Actions – Set Password


Save it.

Enter Global Password – Save it . Close – Re open



exit – reopen – discover again.

Enable – NTP Server

Uncheck – Set NTP Alarm flag when not locked to a reference on Free running clocks like NTP 100


For Cisco Routers MD5 has to be enabled

Trusted Allowed – Enter keyword all lower case to be easier.

Enable MD5 authentication for Client Request

— Ignore Request if not Authenticated – Leave it checked as PDC is using the same master clock


Set Time Zone / Time offset

In my case UTC +4



Now Set the Time on UTC
Note you have to set the time always in UTC (Google Current UTC Time with Seconds)


SSH Enabled by Default – Add user name password. Easy to Change time / Reboot Appliance


username – public

password – publicpass

? – list all commands

Options – ssh ?


Known Issues –

  • VMware Machine keeps saying Local CMOS Clock

As a Recommended Practice – Apply  https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1189

tools.syncTime = "FALSE"
time.synchronize.continue = "FALSE"
time.synchronize.restore = "FALSE"
time.synchronize.resume.disk = "FALSE"
time.synchronize.shrink = "FALSE"
time.synchronize.tools.startup = "FALSE"
time.synchronize.tools.enable = "FALSE"
time.synchronize.resume.host = "FALSE"

Check 1 – Synchronize Guest time with Host is unchecked


Check 2 – Verify UDP 123 Port is Open on Windows Firewall and you can query the time using strip chart command

w32tm /stripchart /computer: /dataonly

Check 3 –  Configuring another NTP and Check Status Changes , It Could be NTP not giving the time in a proper way So that Windows Server puts back to default Local CMOS Clock

Check Event Viewer

Log Name:      System
Source:        Microsoft-Windows-Time-Service
Date:          4/17/2017 5:11:22 PM
Event ID:      47
Task Category: None
Level:         Warning
User:          LOCAL SERVICE
Computer:      DS002
Time Provider NtpClient: No valid response has been received from manually configured peer,8 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name. The error was: The peer is unreachable.

Satheshwaran Manoharan
Satheshwaran Manoharanhttps://www.azure365pro.com
Award-winning Technology Leader with a wealth of experience running large teams and diversified industry exposure in cloud computing. From shipping lines to rolling stocks.In-depth expertise in driving cloud adoption strategies and modernizing systems to cloud native. Specialized in Microsoft Cloud, DevOps, and Microsoft 365 Stack and conducted numerous successful projects worldwide. Also, Acting as a Technical Advisor for various start-ups.

Related Articles


Please enter your comment!
Please enter your name here