Category Archives: Windows Server

Configuring NTP Server for Time Synchronization

This post is about how to process a Windows Server 2012 or 2016 domain controller to synchronize its time with a trusted external resource.  Having a valid and accurate time source is critical for a properly configured domain. Use your favorite search engine to locate the trusted NTP time servers for your area.  I am located in Canada and so I will be using Log into your domain controller with administrative credentials and launch a command prompt. Stop the time service: net stop w32time Enter the following to configure your NTP time servers: w32tm /config /syncfromflags:manual /manualpeerlist:",,," and then hit Enter.  Remember to use your time servers in place of * Let the domain controller know that these are your trusted servers: w32tm /config /reliable:yes Restart the Time Service: net start w32time Review the results: w32tm /query /configuration Ensure everything is proper and typed correctly and...

NTDS General Event ID 2147486534

You may notice the warning event "NTDS General - The security of this directory server can be significantly enhanced by configuring the server to reject SASL...." in event viewer for the Active Directory Domain Services with regards to LDAP bind.  To get rid of the event warning, you can add a Group Policy to configure all domain controllers to reject unsigned and simple LDAP bind requests. Membership in Domain Admins, or equivalent, is the minimum required to complete this procedure.  Perform the following on a domain controller or a computer that has Remote Server Administration Tools installed.
  • Open the Group Policy Management Console
  • Expand Forest, Domains objects until you locate the domain object for the set of domain controllers you want to configure.
  • Expand the Domain Controllers object, right-click Default Domain Controllers Policy and then click...