View Light

Using the built-in Win2K/WinXP NTP client

How to synchronize Windows 2000/XP clocks with an NTP server

BACKGROUND

The Network Time Protocol (NTP) is a special protocol specifically designed for accurately setting the time on a computer, based on a standardized time source, such as the NIST atomic clock. NTP takes into account network propagation delays and other factors to ensure that time is accurate down to the millisecond range.

This document takes on the task of setting up an NTP synchronization client to set time based on the information obtained from an NTP server. Setting up an accurate NTP server involves obtaining time from multiple sources and algorithmically combine the information from the different sources to get the most accurate time. This document does not go into that. For normal computer operations where accuracy within a few millseconds is adequate, setting up a normal NTP client synching with a single NTP source is sufficient. For more information about NTP itself, see www.ntp.org.

HIDDEN TREASURE

To set the time on your Windows 2000/XP box, you will need to get an NTP client. There are many freeware, open source, and commercial packages available. However, you don't need any of them, just read on! Although finding information about it is next to impossible, Windows 2000 and XP have an NTP client built in! I was really surprised to find it, having obtained third-party NTP client software before I was digging around and found it on accident.

Note: As far as synchronizing time on machines that are a member of Active Directory, you only need to synchronize time on the domain controller. All machines which are members of that domain will automatically synch their time with the domain controller. (Sorry, I tend to mix Win2K and WinNT terminology pretty bad at times, so don't beat me up for it :) ) So no need to do this on every machine if it is a member of an AD Domain, just the DC.

However, you may have machines that are not part of a domain (Such a public web servers, etc, which are more secure if standing alone) that you need to keep accurate time on. In addition, you are going to need to keep the time on the domain controller synched with an NTP server so that all the machines synching against the domain controller have accurate time. This way allows you to keep your machines synched to a time source WITHOUT buying/obtaining additional software!

There are two pieces involved - the somewhat well-known NET TIME command (Which has a lot of additional functionality since the WinNT days), and the extremely obscure "w32tm.exe" command which comes with all versions of Win2K and WinXP. (It will probably come with Win2K3 as well, but I haven't played with any of the pre-release copies, so cannot say for sure.) You will also need to make sure the Windows Time service is set to Automatic.

The new, improved NET TIME included SNTP functionality. NTP is Network Time Protocol. SNTP is Simple Network Time Protocol, not to be confused with SMTP (Simple Mail Transport Protocol) or SNMP (Simple Network Management Protocol). What the difference is between NTP and SNTP I do not know, nor have a need to find out the differences. The important thing is that an SNTP client can synchronize just find with a 'normal' NTP server.

This is just going to take you through the basics of setting up automatic time synchronization to an NTP server, for additional information on the functionality of these two commands, see NET HELP TIME, and w32tm /?

SPECIFYING A TIME SERVER

Selection of which NTP server you wish to synchronize with is done with the NET TIME command. You will need to locate an NTP Source. If you are on a corporate network, most Cisco routers have NTP Server functionality built in. (As long as the router itself is set up to synch to an external NTP server somewhere.) Check with your networking guys to find out. In other situations, there are publically accessible NTP servers all over the internet. See http://www.cis.udel.edu/~mills/ntp/servers.html for a list of secondary (aka Stratum 2) public NTP servers. There is a list of Primary (Stratum 1) public NTP servers as well, but they should be reserved for synchronization of Stratum 2 servers. Stratum 2 servers are accurate within microseconds of Stratum 1 servers. If you are going to need Stratum 1 accuracy on your machines, you will need to go to the multiple-source analysis method described in paragraph two.

Pick a a Stratum 2 server and set it as the time source:

NET TIME /SetSNTP:clock.somewhere.edu

You can verify the setting with:

NET TIME /QuerySNTP

Your machine now knows where to obtain it's NTP information... Now to set your machine to automatically synchronize with the NTP server.

AUTOMATIC SYNCHRONIZATION

You use the w32tm.exe command to control the automatic time synchronization of the Windows Time service. (Once again, make sure that the Windows Time service is set to run automatically on your machine) It lives in your /winnt/system32 directory, so should already be in your PATH. You can get a quick synopsis on the command with w32tm /?

To set automatic synchronization, I usually use the following:

w32tm -v -once -period 65532

The '-v' runs w32tm in verbose mode so you can make sure that everything is working properly.
The '-once' makes it do only one manual synchronization, without it, the w32tm command keeps running and synchronizing until you hit ctrl-c.
The '-period 65532' is the most important part. It tells the Windows Time service to synch once every 45 minutes until there are 3 successful synchronizations, the fall back to once every 8 hours. Once every eight hours is sufficient to counteract the drift in the pathetically inaccurate clocks in an x86 type motherboard.

DEBUGGING

Be aware that if you manually set the time on your computer with the time command or by double-clicking on your taskbar clock, it will clear all the NTP information you have set up. If that it done, just repeat the above steps.

You can run 'w32tm -v -once' anytime without changing the automatic synchronization settings. Use this if you suspect problems. Look through the information displayed for a full trace of what the client is doing. It will show any problems in connecting to the time server, or if the server is returning gibberish, etc.

MORE INFORMATION

Further questions? Come to MessageBase for answers.

(c) 2003 Ben Kimball. Verbatim reproduction of this document is permitted as long as this notice and the above MessageBase link is preserved.

Reply
Replies:
Comfortably Anonymous
7/20/2003 10:26:41 AM
Comfortably Anonymous
7/29/2003 10:36:39 PM
Comfortably Anonymous
10/2/2003 2:20:56 PM
Comfortably Anonymous
11/7/2003 4:34:21 PM
Comfortably Anonymous
11/8/2003 7:26:44 PM
Comfortably Anonymous
11/7/2003 4:49:41 PM
Comfortably Anonymous
11/8/2003 7:24:57 PM
Comfortably Anonymous
1/20/2004 4:32:55 PM
Comfortably Anonymous
12/3/2010 5:13:49 PM
Comfortably Anonymous
1/20/2004 4:44:24 PM
Comfortably Anonymous
1/21/2004 3:51:03 PM
Comfortably Anonymous
4/13/2004 6:53:05 AM
Comfortably Anonymous
4/13/2004 2:36:31 PM
Comfortably Anonymous
12/10/2004 12:55:30 AM
Comfortably Anonymous
8/1/2005 9:34:21 PM
Comfortably Anonymous
12/1/2005 4:39:17 AM
Comfortably Anonymous
5/31/2007 10:51:18 PM
Comfortably Anonymous
6/6/2007 11:40:57 PM
This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available in our efforts to advance understanding of environmental, political, human rights, economic, democracy, scientific, and social justice issues, etc. We believe this constitutes a 'fair use' of any such copyrighted material as provided for in section 107 of the US Copyright Law. In accordance with Title 17 U.S.C. Section 107, the material on this site is distributed without profit to those who have expressed a prior interest in receiving the included information for research and educational purposes. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml . If you wish to use copyrighted material from this site for purposes of your own that go beyond 'fair use', you must obtain permission from the copyright owner.