Time synchronization in any AD environment is important for regardless if it is physical, virtual or a combination of the two. If the time on a system if off by greater than a few minutes then users may not be able to access network resources or logon. In a typical AD infrastructure the PDC Emulator for the parent domain synchronizes with an external time source while the other domain controllers in the environment synchronize with the PDC emulator. Member servers and workstations synchronize with the domain controller than they logged in from. For child domains, the PDC emulator and DC’s for the child domain can synchronize with any DC or the PDC emulator in the parent domain.
When it comes to virtual environments, there are multiple acceptable ways of accomplishing time synchronization. I have found through experience that one of two scenarios tend to work best.
Scenario 1: (The PDC Emulator DC is a VM)
This scenario tends to be the case with smaller environments or environments where they are 100% virtual. I have found it preferable cases such as these to configure the hypervisor hosts to point to an external time source for time synchronization then configure the PDC Emulator VM to synchronize with the host or if that is not possible to have it synchronize with the same external time source. In VMware, the time synchronization would be accomplished by using VMware Tools Time Synchronization. In this scenario, have the PDC Emulator synchronize only with the host. Do not enable in guest time synchronization and configure Windows registry to point to an external source at the same time; it needs to be one or the other, not both.
Scenario 2: (The PDC Emulator DC is a physical server)
This scenario tends to be the case in larger environments where there is a physical DC that houses the PDC Emulator role. In this scenario there are several acceptable configurations for time synchronization. Two examples of which would be:
- Have the PDC Emulator synchronize with an external time source and have the vSphere hosts synchronize with it
- Have the PDC emulator and the vSphere hosts synchronize with the same external source
Configuring vSphere host to synchronize with a time source:
In the vSphere client, select the host then click the Configuration, Time Configuration, and then Properties:
Click Options then NTP Settings:
Click Add then add a time source.
Select the Option to Restart NTP then click OK.
Verify that the “NTP Client Enabled” option is selected then click OK.
For more information please see: