Event ID - 12

Event Id12
SourceMicrosoft-Windows-Time-Service
DescriptionTime Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the PDC emulator for the domain at the root of the forest. There is no machine above this machine in the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure this PDC emulator in the root domain to synchronize with an external time source. Otherwise, this machine will function as the authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
Event InformationAccording to Microsoft :
Cause :
This event is logged when the machine is configured to use the domain hierarchy to determine its time source but it is the PDC emulator for the domain at the root of the forest
Resolution :
Configure an external time source
This computer is configured to hold the primary domain controller (PDC) emulator operations master role (also known as flexible single master operations or FSMO) in the forest root domain. This computer should not use itself as a time source. Configure an external time source as the authoritative time source for the forest, or configure a member domain controller as the time source peer. The configuration must be done manually. Perform the following procedure on the computer that is logging the event to be resolved.
To perform this procedure, you must have membership in Domain Admins, or you must have been delegated the appropriate authority.
To configure a manual time source peer:
  1. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  2. At the command prompt, type w32tm /config /manualpeerlist:server,0x8, /syncfromflags:manual /update, where server is the name of the time source that you want to configure, and then press ENTER.
  3. Restart the Windows Time service. At the command prompt, type net stop w32time & net start w32time, and then press ENTER.
  4. Resynchronize the Windows Time service client with the time source peer. At the command prompt, type w32tm /resync, and then press ENTER.
Verify :
To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.
To verify that the Windows Time service is synchronizing correctly:
  1. Open a command prompt as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  2. At the command prompt, type W32TM /resync, and then press ENTER.
  3. At the command prompt, type W32TM /query /status, and then press ENTER.
    This command displays the status of the Windows Time service synchronization. The Last Successful Sync Time line of the output displays the date and time that you ran the W32TM /resync command in the previous step. Also, check the computer name that is shown as the Source. This should be the name of a domain controller (or an administrator-configured time server) in the same Active Directory domain as the local computer.
To verify that the Windows Time service synchronized successfully with its time source, confirm that Event IDs 35 and 37 appear in Event Viewer. If there was a recovery from a previous failure to synchronize with the time source, you also see Event ID 138, which indicates that the Windows Time service is synchronized correctly.
Reference LinksEvent ID 12 from Source Microsoft-Windows-Time-Service

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh