Why would you want to do that ??

Well lets say your Primary Domain Controller (PDC) fails, then you move the FSMO roles to another server, and THEN you forget to set the NTP for the new DC.

Well luckily we have a way to automate that and its using the GPO and its WMI filtering capabilities

To do this we need to start by creating the filter

so in the Group Policy Management Console, Expand WMI Filters

image

Then Create NEW then add

Select * from Win32_ComputerSystem where DomainRole = 5

this will query the DCs for whomever is the holder of the PDC role

image

These are all the roles you can query

Value
Meaning
0 Standalone Workstation
1 Member Workstation
2 Standalone Server
3 Member Server
4 Backup Domain Controller
5 Primary Domain Controller

image

Click save

image

Create a GPO and Link it to the Domain Controllers Container in AD and make sure you select your WMI Filter you created earlier

image

Then Configure the setting as below

image

Once you are done, you should never think or worry about forgetting this option EVER again Smile

Advertisements