Recently I was dealing with some SCOM events for time services on a few machines in the same domain. When checking the machines, I came across this error:
Time Provider NtpClient: No valid response has been received from manually configured peer 10.0.0.1 after 8 attempts to contact it. This peer will be discarded as a time source and NtpClient will attempt to discover a new peer with this DNS name.
On seeing this, I thought this domain may have been configured with manual peers and NTP as the client's provider. When looking at the registry though, all I was seeing was the typical time.windows.com ntp server setting and source was NT5DS. So I was stuck for a while thinking, the source should be the domain, and this IP address that I'm seeing is not a domain controller, never was a domain controller, and isn't even pinging. So I tried manual peer configuration with NTP as the provider on a server, but I hit the same issue with the same error. Searching the registry for both a host name and the IP came up with nothing. Searching gpresult for the IP/hostname came up with nothing. Eventually, I dug a bit further in to the "gpresult /scope COMPUTER /Z" output and found an NTP serverr was set in there. So apparently this type of GPO setting does not push itself to the register, and just quietly overrides whatever is in the registry. The reason I couldn't find the IP/hostname in the gpresult the first time was that it comes out in gpresult as an array of byte values.
So anyways, GPO edited, gupdate /force, w32tm /resync...and its all back to normal.
No comments:
Post a Comment