During the last switch to daylight savings, my BlackBerry's time was not correctly syncing with Verizon and I unknowingly adjusted my car and wrist watch to it. While I was five minutes early for everything, I kept thinking that the world must be experiencing serious time problems - my GPS and television show times were wrong! I couldn't understand what was happening. I googled in hopes others were experiencing the same problem, thinking this was some widespread issue. It sounds laughable, but when you adjust every clock in your house, car, etc. - you live by that time. Fortunately, I figured the problem out before publishing some asinine article about how the world was experiencing a time delay.

With my recent time drama in mind, I considered this domain-wide time problem and decided it was worth resolving. My first instinct was that the battery in the domain controller needed replaced. Since it was after hours, I simply powered down the machine and changed the battery. These come in handy, so I usually have a few in my work bag. After booting the machine, I adjusted the clock and assumed all was well. Unfortunately, when I returned two weeks later for maintenance, the clock had again drifted by a few minutes. Subsequently, all of the computers in the domain had incorrect times. Time to start pulling hair out? Maybe not yet.

Something else to consider is the Microsoft NTP settings which come default on Microsoft Windows computers. What is the address? Ntp.Microsoft.com? Whatever it is, I am fed up. Obviously something changed my correct time and synchronized it with the wrong time, or maybe it isn't synchronizing at all. Regardless, I was able to enter the following commands into the command prompt to solve the problem.

net time /setsntp:pool.ntp.org
net stop w32time
net start w32time

The first command tells Windows which NTP server you want to use. The second two commands restart your time service. All of the computers on the domain now abide by the correct time.

Update: On Server 2008 R2 you have to use these commands instead:

w32tm /config /syncfromflags:manual /manualpeerlist:pool.ntp.org
w32tm /config /reliable:yes
w32tm /config /update
w32tm /resync
net stop w32time
net start w32time

• Your first DNS entry in your TCP/IP settings must be your Primary Domain Controller. If you only have one domain control, your secondary DNS server should be blank!! By including DNS servers from outside of your domain, it is extremely possible that your computers will fail to register with Active Directory's DNS. Initially, a secondary outside DNS server will not cause an issue. However, this will cause you major network resource problems down the road. If you did not have the correct DNS settings, restart your computer after making the change. This will ensure you are registered with DNS. If you use DHCP on your network, please update your DHCP server to give out the correct DNS information to your clients!
• On your Primary Domain Controller, your primary DNS setting must be 127.0.0.1 (alternatively, it can be the actual IP address of itself). The only time you have a secondary DNS server is if you have more than one server running Active Directory, otherwise it should be blank. Place ISP provided DNS IP addresses in your actual Administrative Tools: DNS snap-in, otherwise all computers on your network will only resolve local addresses.
• You need to be able to ping the name of your Primary Domain Controller. If you ping SERVER1 and do not get a result, first try to ping the IP Address manually (i.e. ping 192.168.1.10). This will help narrow down your point of failure. Are you even able to get onto the Internet? Unless you are doing some weird VPN or building-to-building configuration, make sure your netmask, network, and gateway are the same as on the server.
• Try disabling the firewalls on both the server and the client computer. While on XP machines this can be done by killing the service, I have seen Server 2008 and Windows 7 machines completely lose network access when the Windows Firewall Service was shutdown. To prevent this from happening, use the Windows Firewall with Advanced Security window to manually turn off your firewall instead of killing the service.
• When joining a domain, you can enter just the domain name (i.e. "contoso") or you can enter the Fully Qualified Domain Name (FQDN) "contoso.local". Sometimes a computer will not let you join unless you use the FQDN, but other times it fails until you drop off the ".local". Make sure to try it both ways.
• It's not a bad idea to install all of the Microsoft Updates on the server as well as on the client computers, including any optional group policy client side updates.
• If all else fails, sometimes the File and Printer Sharing protocol, located in the Network Adapter settings for your Primary Domain Controller, must be uninstalled and then reinstalled. This is done by unchecking it in the properties of your "Local Area Connection", restarting your server and then rechecking it again. I have only had to do this one time in my entire career.
• If you do not see an option to join a domain, you are most likely running a Home version of Windows. You need to have Windows XP Professional, Windows Vista Business, Windows Vista Ultimate, Windows 7 Professional or Windows 7 Ultimate in order to connect to a domain.

If you encounter any errors or problems that this guide was unable to resolve, please post your error message below. One of the techs here will be more than happy to give you some pointers and help you resolve your issue.