Windows Time Service Configuration

It has been a known item that NTP.org has been more reliable than windows.com in providing the time synchronization. Hence, a good practice to set up Windows machines is to point Windows Time sources toward this external source.
 
The Primary Domain Controller (PDC) is often the authoritative time source for the entire domain. Hence, it should be using NTP as its peers to keep its timing accurate. The command below would configure the PDC to only check the pooled sources for NTP. It will not look to any other internal machines for synchronization.
 
w32tm /config /update /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8 2.pool.ntp.org,0x8 3.pool.ntp.org,0x8" /syncfromflags:MANUAL
All Other Domain Joined Windows Machines should follow the domain hierachy to update their clocks. Hence, “DOMHIER” keyword is specified to enable this behavior
 
w32tm /config /update /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8 2.pool.ntp.org,0x8 3.pool.ntp.org,0x8" /syncfromflags:MANUAL,DOMHIER
After a command above has been issued, it’s also necessary to set the poll interval to 1 hour per sync activity:
 
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient /v SpecialPollInterval /t reg_dword /d 3600 /f

net stop w32time

sleep 4

net start w32time

w32tm /resync /rediscover
 

 
Some of the raw commands in dealing with this NTP beast:
 
taskkill /F /IM mmc.exe
pushd %SystemRoot%\system32
.\net stop w32time
.\w32tm /unregister
.\regsvr32 /u w32time.dll
.\shutdown -r -t 0
 
# Wait for the reboot to finish
 
pushd %SystemRoot%\system32
.\regsvr32 /u w32time.dll
.\w32tm /register
.\sc config w32time type= own
.\net start w32time
.\w32tm /config /update /manualpeerlist:”0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org,3.pool.ntp.org”,0x8 /syncfromflags:MANUAL /reliable:yes
.\w32tm /resync /rediscover
popd

Troubleshooting:
 
C:\Users\admin>net start w32time
System error 1058 has occurred.
 
The service cannot be started, either because it is disabled or because it has n
o enabled devices associated with it.
 
 
C:\Users\admin >w32tm /register
The following error occurred: The specified service has been marked for deletion
. (0x80070430)
 
C:\Users\admin >taskkill /F /IM mmc.exe
SUCCESS: The process “mmc.exe” with PID 2760 has been terminated.
SUCCESS: The process “mmc.exe” with PID 8620 has been terminated.
SUCCESS: The process “mmc.exe” with PID 1608 has been terminated.
SUCCESS: The process “mmc.exe” with PID 9508 has been terminated.
SUCCESS: The process “mmc.exe” with PID 10072 has been terminated.
SUCCESS: The process “mmc.exe” with PID 9248 has been terminated.
SUCCESS: The process “mmc.exe” with PID 8376 has been terminated.
 
System error 1290 has occurred.
 
The service start failed since one or more services in the same process have an
incompatible service SID type setting. A service with restricted service SID typ
e can only coexist in the same process with other services with a restricted SID
type. If the service SID type for this service was just configured, the hosting
process must be restarted in order to start this service.
 
C:\Users\admin >sc config w32time type= own
[SC] ChangeServiceConfig SUCCESS
 
C:\Users\admin >net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.
 
 
C:\Users\admin >w32tm /resync
Sending resync command to local computer
The following error occurred: Access is denied. (0x80070005)
 

OLD INFORMATION:
 
Manual Method
 
Step 1: Check to see whether current DC is the time source
———————-
c:\> netdom /query fsmo
Schema master SERVER1.domain.com
Domain naming master SERVER1.domain.com
PDC SERVER1.domain.com <== verify this record to locate the PDC Emulator
RID pool manager SERVER1.domain.com
Infrastructure master SERVER1.domain.com
The command completed successfully.
———————–
C:\> w32tm /query /source
SERVER2.domain.com <== indicates that this server is the upstream time source for this local machine
 
Step 2: Set PDC Master as root with external time source
 
w32tm /config /update /manualpeerlist:”0.us.pool.ntp.org.0x1 1.us.pool.ntp.org.0x1 2.us.pool.ntp.org.0x1 3.us.pool.ntp.org.0x1″ /syncfromflags:manual /reliable:YES
reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider /v Enabled /t reg_dword /d 0 /f
w32tm /resync /rediscover /nowait
net stop w32time && net start w32time
 
C:\Windows\system32>w32tm /query /status
Leap Indicator: 0(no warning)
Stratum: 3 (secondary reference – syncd by (S)NTP)
Precision: -6 (15.625ms per tick)
Root Delay: 0.0000000s
Root Dispersion: 10.0000000s
ReferenceId: 0xC632EE9C (source IP: 198.50.238.156) <== this outside IP indicates NTP in effect
Last Successful Sync Time: 7/26/2017 11:15:16 AM
Source: 0.us.pool.ntp.org,1.us.pool.ntp.org,2.us.pool.ntp.org,3.us.pool.ntp.org
Poll Interval: 6 (64s)
 
——————— Experimental NTP.reg (DO NOT USE) ——————————
Windows Registry Editor Version 5.00
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters]
“NtpServer”=”0.us.pool.ntp.org.0x1 1.us.pool.ntp.org.0x1 2.us.pool.ntp.org.0x1 3.us.pool.ntp.org.0x1”
“Type”=”NTP”
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config]
“AnnounceFlags”=”5”
“MaxPosPhaseCorrection”=”1800”
“MaxNegPhaseCorrection”=”1800”
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders]
“NtpServer”=”1”
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\VMICTimeProvider]
“Enabled”=”0”
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient]
“SpecialPollInterval”=”900”
——————— Registry Key ——————————
 
———————————–
0x1 Instead of following the NTP specification, wait for the interval specified in the SpecialPollInterval entry before attempting to recontact this time source. Setting this flag decreases network usage, but it also decreases accuracy.
 
0x2 Use this time source only as a fallback. If all time sources that are not fallbacks have failed, then the system selects one fallback time source at random and uses it.
 
0x4 Set the local computer to operate in symmetric active mode in the association with this source.
 
0x8 Set the local computer to operate in client mode in the association with this source.
———————————–
 
Step 3 (optional): Run commands on domain computers
 
Method 1: automatic
w32tm /config /syncfromflags:domhier /update
net stop w32time && net start w32time
 
Method 2: manual
w32tm /config /manualpeerlist:PDC_SERVER /syncfromflags:manual /reliable:yes /update
 
On older version of Windows, use this command to check time on PDC
w32tm /stripchart /computer:PDC_SERVER /samples:1
 
Optional: fix mistakes by reseting the time service to default
net stop w32time
w32tm /unregister
w32tm /register
net start w32time

Raw Output:

Microsoft Windows [Version 10.0.16299.125]
(c) 2017 Microsoft Corporation. All rights reserved.

C:\Windows\system32>w32tm /config /update /manualpeerlist:"0.pool.ntp.org,0x8 1.pool.ntp.org,0x8 2.pool.ntp.org,0x8 3.pool.ntp.org,0x" /syncfromflags:MANUAL
The command completed successfully.

C:\Windows\system32>reg add HKLM\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient /v SpecialPollInterval /t reg_dword /d 3600 /f
The operation completed successfully.

C:\Windows\system32>net stop w32time && net start w32time
The Windows Time service is not started.

More help is available by typing NET HELPMSG 3521.


C:\Windows\system32>w32tm /resync /rediscover
The following error occurred: The service has not been started. (0x80070426)

C:\Windows\system32>net start w32time
The Windows Time service is starting.
The Windows Time service was started successfully.


C:\Windows\system32>w32tm /resync /rediscover
Sending resync command to local computer
The command completed successfully.

C:\Windows\system32>w32tm /resync /rediscover /nowait
Sending resync command to local computer
The command completed successfully.

C:\Windows\system32>w32tm /query /status
Leap Indicator: 0(no warning)
Stratum: 2 (secondary reference - syncd by (S)NTP)
Precision: -23 (119.209ns per tick)
Root Delay: 0.0419570s
Root Dispersion: 7.7792697s
ReferenceId: 0x6298A526 (source IP: 98.152.165.38)
Last Successful Sync Time: 4/21/2019 12:24:36 PM
Source: 2.pool.ntp.org,0x8
Poll Interval: 10 (1024s)

Leave a Reply

Your email address will not be published. Required fields are marked *