Synchronizing the Windows Clock With an Authoritative Time Source

Home > Blogs > Windows 7 > Synchronizing the Windows Clock With an Authoritative Time Source

Synchronizing the Windows Clock With an Authoritative Time Source

Like This Blog 1 Mike Danseglio
Added by October 24, 2014

Lost time is never found again.” – Benjamin Franklin

You probably already know that having accurate time set on all clients and servers is important. Very bad things happen when computer clocks disagree. Things like:

  • Users cannot logon to a domain
  • Applications overwrite new data with older versions
  • Servers fail to synchronize data between each other, causing version conflicts
  • Financial transactions become subject to dispute
  • Regulatory requirements are not met

Luckily Windows has taken this into account. The Network Time Protocol (NTP) service has been built into Windows since Windows XP and Windows Server 2003, and most Unix and Linux implementations have supported NTP since they were first built.

Windows Client and Server Time Synchronization

Unfortunately most Windows implementations do not use NTP as it is not enabled in many situations, especially when older servers are upgraded. The thinking was that they don’t need to. All domain-joined computers synchronize their time with the domain controller by default. This synchronization uses a Microsoft-specific protocol instead of NTP for backwards compatibility.

Also, by default, domain controllers synchronize their time with the Primary Domain Controller. So in most cases, enabling NTP on the PDC and configuring it to synchronize with an authoritative time source is all that you need to do.

Enabling NTP in Windows

In most domain scenarios you only need to worry about synchronizing the PDC with an authoritative time source. That’s pretty easy and it is the same on Windows clients as well as non-joined computers. So you can use these steps on Windows 7, Windows Server 2008, Windows 8, etc.

  1. Logon to the Primary Domain Controller as a local administrator.
  2. Open the Services MMC snap-in for the local computer.
  3. Scroll down to Windows Time. Configure it for a Startup Type of Automatic, and then right-click and select Start. (Note: skip this step if the service is already running)
  4. Close the Services MMC snap-in.
  5. Open a command prompt.
  6. Type w32tm /config /syncfromflags:manual /,,, and press Enter. This configures Windows to use the highly-available clusters provided by as its authoritative time source.
  7. Type w32tm /resync and press Enter.

Close the command prompt.

NTP does not always immediately change the clock. It is designed to slowly converge the local time to the authoritative source. This is done to avoid large rapid time changes that can cause applications and transactions to fail. So you may not see an instantly accurate clock, but NTP is now on the job and will ensure that the clock becomes, and remains, synchronized.

Once the PDC clock is accurate, all domain-joined computers will continue to synchronize their clocks. Over a bit of time – perhaps a day or two – your systems will have accurate time.

Stay safe!

Mike Danseglio -CISSP / CEH
Interface Technical Training – Technical Director and Instructor

Videos You May Like

A Simple Introduction to Cisco CML2

0 3876 0

Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2

Cable Testers and How to Use them in Network Environments

0 720 1

This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader demonstrates how to use cable testers in network environments. Let’s look at some tools that we can use to test our different cables in our environment. Cable Testers Properly Wired Connectivity … Continue reading Cable Testers and How to Use them in Network Environments

Government Edition – Encrypting a USB Flash Drive in Windows 10

0 274 2

In this video, Security Instructor Mike Danseglio demonstrates how to use BitLocker in Window 10 to secure files on a USB Flash drive that adhere to stricter data protection requirements as found inside Government entities. BitLocker 2-day instructor-led training is now available at Interface: BITLOCK: Planning and Deploying BitLocker Drive Encryption Training Video Transcription: Hi. … Continue reading Government Edition – Encrypting a USB Flash Drive in Windows 10

Write a Comment

See what people are saying...

    Share your thoughts...

    Please fill out the comment form below to post a reply.