Setting up Windows Server 2008 as a reliable time server using NTP

Some people have been complaining that Microsoft decided to end support for SNTP in Windows 2008 R2 and also removed the ability to set the time using NET TIME.

Hopefully this post gets you back on track with a newer, more robust solution, which is also more secure than the old methods.

First of all, the new tool is w32tm. Below is an example of how to set up one of your DCs (more to follow) as a secure/reliable time source and sync it with a time source on the Internet.

Before you start this setup, verify that you have access to the Internet on port 123 (NTP).

Next, open a command prompt with elevated rights and type:

1. w32tm /config /manualpeerlist:"dk.pool.ntp.org,0x8" /syncfromflags:MANUAL /reliable:yes

2. w32tm /config /update

3. net stop w32time && net start w32time

4. w32tm /resync /rediscover

5. w32tm /unregister (optional)

6. w32tm /register (optional)

That's it, you are good to go.

OK, here is the explanation of what we just did.

Line 1 configures your time service with a manual peer list, in this case with just one peer. Should you wish to use more than one, just add them, separated with a space, and remember to surround them with " " like this:

/manualpeerlist:"dk.pool.ntp.org,0x8 dk1.pool.ntp.org,0x8"

The 0x8 tells the service to use a client association. /syncfromflags:manual indicates that a manual time source is selected; it can also be /syncfromflags:DOMHIER, which indicates that a DC should be used instead. Last, /reliable:yes indicates that this DC should be considered a reliable time source according to the RFC for e.g. switches, routers, printers etc.

Line 2 forces the configuration to update using the line we just entered.

Line 3 stops and starts the w32time service.

Line 4 does a full resync immediately with the external time source, re-registers the network configuration and again synchronises the local config.

Line 5 unregisters the service and removes all of its configuration from the registry.

Line 6 registers w32tm to run as a service and adds the default configuration to the registry.
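
To confirm that the configuration took effect, the following PowerShell check (an added example, not part of the original post) queries the service with w32tm /query and measures the offset against the peer with w32tm /stripchart. It assumes English-language w32tm output, and the 1 second threshold is an arbitrary value chosen for this example.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell prompt.
# Assumption: English-language w32tm output; the strings below are matched literally.
$peer = 'dk.pool.ntp.org'          # the peer configured in this post

# 1. The source the time service is using right now.
$source = (& w32tm /query /source | Out-String).Trim()
$localClock = 'Local CMOS Clock', 'Free-running System Clock'
$sourceOk = ($localClock -notcontains $source) -and ($source -like "$peer*")
"Source: $source"

# 2. Stratum and last successful sync, taken from the status report.
$stratum = $null; $lastSync = $null
foreach ($line in (& w32tm /query /status)) {
    if ($line -match '^Stratum:\s*(\d+)') { $stratum = [int]$Matches[1] }
    if ($line -match '^Last Successful Sync Time:\s*(.+)$') { $lastSync = $Matches[1].Trim() }
}
"Stratum: $stratum"
"Last successful sync: $lastSync"

# 3. Offset against the peer, measured without touching the local clock.
#    Sample lines look like "12:00:01, +00.0123456s"; failed samples contain "error".
$offsets = @(); $failed = 0
foreach ($line in (& w32tm /stripchart /computer:$peer /samples:5 /dataonly)) {
    if ($line -match ',\s*([+-]\d+\.\d+)s') { $offsets += [math]::Abs([double]$Matches[1]) }
    elseif ($line -match 'error') { $failed++ }
}
$worst = $null
if ($offsets.Count -gt 0) { $worst = ($offsets | Measure-Object -Maximum).Maximum }
"Samples: $($offsets.Count) ok, $failed failed, worst offset: $worst s"

# Verdict. The 1 second threshold is an arbitrary value chosen for this example.
if (-not $sourceOk)       { Write-Warning "Not syncing from $peer (source: $source)" }
if ($offsets.Count -eq 0) { Write-Warning "No NTP replies from $peer; check outbound UDP port 123" }
elseif ($worst -gt 1.0)   { Write-Warning "Offset above 1 s; run: w32tm /resync /rediscover" }
```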

 

Additional information

w32tm /config /update /manualpeerlist:"dk.pool.ntp.org,0x8" /syncfromflags:MANUAL,DOMHIER

The line above could be useful on laptops: when on the corporate network they will synchronize from the DCs, and when offsite (airport etc.) they will sync using the same time source as the DCs back home, in this case dk.pool.ntp.org.

The default time source in Windows is time.windows.com, which is hosted on Microsoft clusters; consider those extremely loaded and change as soon as possible.
