In our environment with two Active Directory forests, we had to configure PDC’s from one domain to use PDC from another domain as a time source. I have tried to use the following command to set the time source for the PDC:
w32tm /config /manualpeerlist:timeserver /syncfromflags:manual /reliable:yes /update
Where the timeserver is the FQDN or IP address of the PDC server from another forest/domain.
I have also tried to follow several tutorials from Microsoft and from other forums on the web. Unfortunately, time on PDC’s in the second domain was out of synch. After I haven’t managed to set up the time sync, I decided to try with the GPO.
I have edited Default Domain Controllers policy to configure the time server from another domain. After this, the time between two domain was in sync.
Open Group policy editor and edit the Default Domain Controllers policy.
Navigate to: Administrative Templates – System – Windows Time Service – Time Providers
In the right pane, select Configure Windows NTP Client and set it in the following way.
Ntp Server: %FQDN of NTP server%,0x9
Type: NTP
CrossSiteSyncFlags: 2
ResolvePeerBackoffMinutes: 15
ResolvePeerBackoffMaxTimes: 7
SpecialPollInterval: 3600
EvenLogFlags: 0
Please change the %FQDN of NTP server% with your server name.
After the policy has been set, on the domain controller please run the following command:
gpupdate /force
W32tm /resync /rediscover
Once this is done, your DC should be synced.