Here's (hopefully) all you need to know about time synchronization in an Active Directory domain with 2003 server(s):

On 2003 server, you should use w32tm to configure time synchronization.

Best Practices:
  • By default, all DC's synchronizes with their PDC in the domain. The PDC synchronizes with the PDC in any parent domain.
  • Only the PDC of the Forest Root Domain should be configured to sync with an external time source via SNTP.
  • The PDC servers from any child domains will sync time with the Forest Root Domains PDC via the NT5DS.
  • Domain Controllers will sync time with their respective PDCe server via the NT5DS.
  • Client workstations will initially talk to their logon server and then any other server in the domain via NT5DS for time sync messages.

Root PDC NTP setup example:
 Code:
w32tm /config /manualpeerlist:"ntp1.chalmers.se ntp2.chalmers.se ntp.lth.se" /syncfromflags:manual /reliable:YES /update

How to test your setup:
 Code:
w32tm /monitor
w32tm /resync /rediscover


Links:
Introduction to Administering the Windows Time Service
http://www.microsoft.com/technet/prodtec...d42da1afab.mspx

Synchronize the Time Server for the Domain Controller with an External Source
http://www.microsoft.com/technet/prodtec...7e9f16d183.mspx

Configuring a time source for the forest
http://www.microsoft.com/technet/prodtec...9167b95e48.mspx

Public NTP Pool Servers
http://ntp.isc.org/bin/view/Servers/NTPPoolServers

A good NTP source to use if you're in Europe is europe.pool.ntp.org. This is a list of all public time servers in europe, randomly selected upon DNS-query.

Edited by masken (2007-02-23 04:26 PM)
_________________________
The tart is out there