Thank you very much for your answer .

Consider that what i'm trying to do is without manually modifying bios time nor host time in vsphere.

So, there's a windows server virtual machine in the esxi 6.7 inventory which holds the time for all the other windows machines via NTP .This WS virtual machine is the domain controller and all the other machines are joined to its domain. So far so good, i have a correct time inside the domain.

But what about the layer that holds this domain, that holds all the virtual machines? i'm talking about the ESXI which is installed on the bare metal with hw bios time always UTC.

Assuming that you dont have an external NTP server like a radio or GPS clock ,what options do you have to sincronize everything together?

As for my tests is not possible to use an internal NTP coming from a windows domain hosted inside ESXI.It's always drifting forward or backwards

I'm trying to understand the limitations and the workaround for this time syncro for new ESXI 6.x

Many thanks.

NTP sources need to be physical, and are a bad idea in a VM. Do some research on sites like

https://serverfault.com/questions/106501/what-are-the-limits-of-running-ntp-servers-in-virtual-machi...

but the time drift your experiencing makes sense to be with a ntp server on a hypervisor

IF you don't have anything special needs and the hosts have outbound access I'd just use pool.ntp.org, and also point AD to pool.ntp.org and you should be pretty good. NTP as whats called ntp stratums which is basically the distance from from the time source. You can look at this list

https://www.advtimesync.com/docs/manual/stratum1.html

and pick a stratum one  if you want to try others.For your hosts and and to look at and they should be relatively close to each other. I think we everything point to a  set of local network switchs we have that  and those witches points to

tick.usno.navy.mil

That's the thing , i dont have outbound access. I'd like to use a windows time service in a virtual machine that controls my domain and stop the hardware bios clock syncronizing to ESXI and then to affect the virtual machines.The bios clock can sometimes deviate due to battery condition.

Knowing that we cant change hw bios time by any other means than setting it manually in bios interface,the idea is to stop the lower time sync layer bios/esxi for the virtual machines and let one of the virtual machine to take care of the rest of VMs otherwise as far as i can see the entire time setup will always stay in a time loop.

Normally ,the main time reference point  is the bios time because is the hardware that it's always ticking even if the server is powered off but if that hardware fails i'd like to have the control of a virtual machine that can change the time for all the other virtual machines via domain ntp.

Thank you.

... i dont have outbound access.

Which time source are you using for the domain controller? Isn't it possible to use the same source for the ESXi host.

Often companies have e.g. a router or firewall, which is able to sync its own time from an external source, and serves as a time server for internal systems.

André

The virtual machine that holds the domain controller is the time source itself.The time that i set in it is the source for all the other virtual machines joined in the domain.

As i mentioned i dont have any external connection to internet for this server.

Having an internet connection can simplify the things a lot but in this case i dont have.

At the moment i'm adjusting manually the time in vSphere for each host. I tried to set the NTP in each hosts based on the domain controller VM time but the time goes nuts,sign that there's a time loop that has been created by doing that.

In the previous ESX versions (not ESXi) there was a setup to adjust the default UTC time in BIOS/ESX ,but not anymore in ESXi.

Regards,