I tried the following on an XP computer and the time sync'ed with the Exchange Server (Server 2003 and A.D.I.), but when I triedto sync the PDC (Server 2003) to the Exchange server,the time does not sync. The Exchange server gets it's time from an external source and I want all other servers/clients to get the time from the Exchange server. Here's what I tried: 1. Open a Command Prompt.2. Type the following command and then press ENTER: w32tm /config /syncfromflagsomhier /update3. Type the following command and then press ENTER: net stop w32time4. Type the following command and then press ENTER: net start w32time Any reason the above would work on XP clients but not on a 2003 server?

There is a ":" and a "d" where the happy face is.

Your Exchange server is going to get its time from the AD server acting as a PDC (and should, for security and Active Directory processes to work properly) by default unless you change its w32time registry settings. Your PDC should be configured to get its time from a reliable source, either a hardware clock or reliable internet source (ie. time-a.nist.gov). Here's a link to Microsoft's KB article on configuring time services to help you out: http://support.microsoft.com/kb/816042 Best wishes,Mark

I was not able to figure out how to correct my problem using the link above. The story on my time setup: A consultant firm setup my exchange server (which is a DC, but not the master) to sync with an external time source. He used the Exchange server instead of the master PDC beacuse he said it was better to have the Exchange server with "real time". So now I want to sync the master PDC from the Exchange. I think my problem is sync'ing a master PDC to a non-master PDC. The link talked about sync'ing from the hierarchy (which would be from the master PDC), but I don't want the typical hierarchy, cause the external sync goes to a non-master DC. Hmmm, this seems a bit confusing, but I don't know how to state it any clearer. I was told my file server is the master DC. My assumption then is that the Exchange server is not the master?

You are correct that the Exchange server probably isn't the master, usually the PDC holds all the FSMO/master roles, and it's best to leave them there unless you have other domain controllers who might take some roles to make your AD environment more fault tolerant. The real issue you need to watch out for is that time has to sync correctly throughout all of your domain controllers, or you will experience security and communication problems. Active Directory by default sets all the dc's and computers to refer to the PDC's time. If you insist on having your Exchange server get this vital time information from an outside source, instead of the environment it's designed to run in, then change your PDC, or master role holder, to the same time source. You can also control time source via group policies for both domain controllers and client computers, but why complicate things? I'd set your pdc to the same time source as the exchange box, and the client computers will follow the PDC's time - hopefully your PDC and Exchange servers will never have a communication problem with that source, causing them to not be synchronized on time. Any time difference greater than five minutes will definitely skew AD operations, especially Kerberos used for authentication of objectsto use resources in the AD domain. The link I gave from Micro$oft describes how to change the W32Time registry entries to manual instead of domain mode, and how to specify the time source to sync with. Read it and the referenced KBs involving time, understand it thoroughly, and make your decision. Good luck! Mark

One thing I would like to add is that the consultant performed a non-standard domain time setup, and in my opinion it was a bad idea. You would be better off in the long run to change the Exchange server to get it's time from the PDC emulator, and set the PDC emulator to get it's time from the source your Exchange server currently is. You are asking for issues later down the road having a non-standard setup. Especially if you have Kerberos issues and need Microsoft support. They would have youto correct your enviroment as Step #1 of troubleshooting. I would heed Mark's words and study up on the link he sent you. John G.