Creating a Standalone NTP Server With Windows

Home > Blogs > Windows 7 > Creating a Standalone NTP Server With Windows

Creating a Standalone NTP Server With Windows

3 28 Mike Danseglio
Added by November 24, 2014

I must govern the clock, not be governed by it.” – Golda Meir

You probably already know that having accurate time set on all clients and servers is important. Very bad things happen when computer clocks disagree. Things like:

  • Users cannot logon to a domain
  • Applications overwrite new data with older versions
  • Servers fail to synchronize data between each other, causing version conflicts
  • Financial transactions become subject to dispute
  • Regulatory requirements are not met

Luckily Windows has taken this into account. The Network Time Protocol (NTP) service has been built into Windows since Windows XP and Windows Server 2003, and most Unix and Linux implementations have supported NTP since they were first built.

Windows Client and Server Time Synchronization

Unfortunately most Windows implementations do not use NTP as it is not enabled in many situations. One of those situations is a non-domain joined server. An unjoined system can function as both a NTP server and client, but it doesn’t do either by default.

I’ve already written about configuring a standalone Windows computer to function as a NTP client. Another common need is to create a standalone NTP server that can provide time synchronization for unjoined Windows computers as well as other operating systems like Linux and Mac OSX.

Configuring Windows as a Standalone NTP Server

Windows implements the W32Time service as both an NTP client and server. The service is off by default. So configuring a system as an NTP server requires both enabling the W32Time service and configuring it as a server. The process is very simple.

First, use the Services console to locate the Windows Time service. It will likely be off as shown in Figure 1.

001-Windows-Time-is-not-yet-enabled-or-started

Figure 1. Windows Time is not yet enabled or started.

You need to both start the service and configure it for Automatic start as shown in Figure 2.

002-W32Time-service-is-started-and-configured-for-automatic-start

Figure 2. The W32Time service is started and configured for automatic start.

Enabling the NTP server service requires a quick registry modification. Open Regedit and navigate to HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ W32Time \ TimeProviders \ NtpServer and change Enabled from 0 to 1. This is shown in Figure 3.

003-Changing-the-NtpServer-Enabled-value-to-1

Figure 3. Changing the NtpServer Enabled value to 1.

The last step is to update the Windows Time service’s running configuration. You do this by opening a command prompt and typing the w32tm /config /update command. You can then verify that the NTP server service is enabled with the w32tm /query /configuration command. Both of these are shown in Figure 4.

004-The-output-of-the-w32tm-command

Figure 4. The output of the w32tm command.

Notice in the VMICTimeProvider section that Enabled is set to 1. That’s the flag that enables NTP server in Windows. Because that’s the running configuration, Windows is now running as a NTP server.

Enjoy,

Mike Danseglio -CISSP / CEH
Interface Technical Training – Technical Director and Instructor

Videos You May Like

Creating Users and Managing Passwords in Microsoft Office 365

0 686 3

In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.   For instructor-led Office 365 training classes, see our course schedulle: Spike Xavier SharePoint Instructor – Interface Technical Training Phoenix, AZ 20347: Enabling and Managing Office 365    

How to clone a Windows Server 2012 or 2012 R2 Domain Controller

3 1566 3

One of the coolest new features in Window Server 2012 and Windows Server 2012 R2 is the ability to clone a Domain Controller. In the past, if we had virtualized Domain Controllers and we actually took a snapshot of it and then rolled back to that snapshot, it would break the logon service on that … Continue reading How to clone a Windows Server 2012 or 2012 R2 Domain Controller

Detailed Forensic Investigation of Malware Infections – April 21, 2015

4 645 5

How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015

Write a Comment

See what people are saying...

    Share your thoughts...

    Please fill out the comment form below to post a reply.