The Domain Controller should be the definitive source for time for the entire Windows Domain
network. It needs to sync directly to NTP servers and not the hardware clock of the machine it’s on
whether it’s a virtual machine or a physical server.
That means don’t set VMware Tools to sync time for the guest. There are several frustating limitations
to the VMware tools time sync that make it the wrong tool for the job. VMWare defaults to having time
sync disabled on Windows Server guests for a good reason.
That does mean that you’ll need to set your Domain Controller to get it’s time synchronization directly
from the Internet (or a definitive clock source).
Run the following from an escalated command line.
C:\> net stop w32time
C:\> w32tm /config /syncfromflags:manual /manualpeerlist:β0.pool.ntp.org, 1.pool.ntp.org, 2.pool.ntp.orgβ
If the above command does not work, try this β¦
C:\>w32tm /config /update /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8 2.pool.ntp.org,0x8 3.pool.ntp.org,0x8" /syncfromflags:MANUAL
C:\>w32tm /config /reliable:yes
C:\>net start w32time
C:\>w32tm /query /configuration
Those commands will set the appropriate registry keys so that your server will get the time directly
from the Internet and not the hardware clock or VMware tools. Once you’ve gotten the DC time
correct (including your timezone), then the other machines will update automatically over time. You
can force an update using β¦
C:\>w32tm /resync
The command prompts the local computer to sync to it’s configured time source. If it’s a Domain
Member, then it will sync to the previously configured and updated Domain Controller(s).