One of the most important principles of a good network design is accurate time. Windows time is a whole lot like the 1960s car clock - always drifting away from true time. However, very weird things start to happen if time on your network, servers, and workstations is left to fend for itself. All of a sudden we get reports of erratic behavior - policies that don't run, DNS and Active Directory updates that didn't happen. The reason is that when deciding what to do, the network looks at timestamps. Generally the newest wins. If something is asked to be done in the past, then it is in the past and it isn't done. Chaos ensues.
The solution is to establish a common time for all devices on your network based upon true time - a Network Time Provider (NTP) which gets its time from an atomic clock. In most networks we set up, the x.x.x.1 switch addresses are configured to be NTP time providers. Switches, UPSes, servers, and workstations are among the many devices that understand NTP time. It is very frustrating when I look at a log in a UPS to try and understand an event and have to interpolate time based upon incorrect time vs. having it set to a valid NTP time provider.
In a proper Microsoft Windows Active Directory design, the Primary Domain Controller (aka PDC) is the designated time provider to all domain-connected servers and workstations. We find the PDC and point it at an NTP time provider; it tells Windows what time it is, and all the other Windows domain-joined devices fall in line.
None of this is hard, but we constantly are finding time messed up and PDCs not configured or misconfigured for time.
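One way to validate and fix the PDC's time source, as an added example that is not from the original post. It assumes the ActiveDirectory PowerShell module is installed, the script runs elevated on the PDC itself, and `10.0.0.1` is a placeholder for your own NTP time provider.

```powershell
# Added example. 10.0.0.1 is a placeholder; replace it with your NTP source.
Import-Module ActiveDirectory

$NtpPeer = '10.0.0.1'   # placeholder NTP time provider
$Fix     = $false       # set to $true to apply the configuration

# 1. Find the PDC and confirm this script is running on it.
$pdc = (Get-ADDomain).PDCEmulator
Write-Host "PDC for this domain: $pdc"
if ($pdc -notlike "$env:COMPUTERNAME.*") {
    throw "Run this script on the PDC ($pdc), not on $env:COMPUTERNAME."
}

# 2. Ask the Windows Time service where it currently gets its time.
$source = (w32tm /query /source | Out-String).Trim()
Write-Host "Current time source: $source"

# A PDC left to fend for itself reports its own hardware clock as the source.
$unsynced = $source -match 'Local CMOS Clock|Free-running System Clock'

# 3. Show how far this clock is from the NTP provider (five samples).
w32tm /stripchart "/computer:$NtpPeer" /samples:5 /dataonly

# 4. Point the PDC at the NTP provider if it is not already using it.
if ($unsynced -or $source -notlike "$NtpPeer*") {
    Write-Warning "PDC is not syncing from $NtpPeer."
    if ($Fix) {
        w32tm /config "/manualpeerlist:$NtpPeer" /syncfromflags:manual /reliable:yes /update
        Restart-Service w32time
        w32tm /resync /rediscover
    }
}

# 5. Confirm the result, then check every domain controller against the PDC.
w32tm /query /status
w32tm /monitor
```

With `$Fix` left at `$false` the script only reports, so it can be run first as a check and again with `$Fix = $true` once the placeholder address has been replaced.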
Please put this on your summer punch list of items to validate and/or fix. It only takes a few minutes to do. We are happy to help you or do it for you.
If you need help figuring this out, let us know.