Wednesday, May 1, 2013

Azure Virtual Machine Time Sync

We've built a few domains on Azure to host Active Directory, SharePoint, SQL, etc... After a while we started to notice that the time on the severs would get out of sync. It wasn't a big difference, but enough that we started to see issues with the applications. The source of the problem is load on the Hyper-V hosts that host the VM's. When load gets too high, it causes time issues.The easiest thing to do seems to be to set a time source on all the servers.

Here are the steps we used:

  1. Open a command prompt on your domain controller. To see the current time difference: w32tm /stripchart /computer: time.windows.com /samples:5 /dataonly
  2. Open UDP port 123 for outgoing traffic if needed.
  3. Open UDP port 123 (or a different port you have selected) for incoming NTP traffic.
  4.  Type the following command to configure the PDC emulator and then press ENTER:
     w32tm /config /manualpeerlist: time.windows.com /syncfromflags:manual /reliable:yes /update
  5. The next steps have to be run on the computers in the domain.
  6. Open a Command Prompt and type the following command and then press ENTER:
     w32tm /config /syncfromflags: domhier /update
  7. Type the following command and then press ENTER:
     net stop w32time
  8. Type the following command and then press ENTER:
     net start w32time
Note: You may also use Group Policy to make all the domain clients to sync time with PDC emulator in the domain.