Beginning with Windows 2000, Microsoft includes the Windows Time Service with all versions of Windows. Initially, the purpose of Windows Time Service was to keep all clocks on the Windows network loosely synchronized to support Kerberos authentication, which is time-sensitive to a degree. Windows Time Service is also known as “w32time”, and can be configured with the registry, Group Policy editor GUI tool, or the command-line tool w32tm.
On the first step, you need to ensure if UDP port 123 for incoming NTP Traffic is allowed on your network. Also, If the machine is a VM inside Hyper-V, you have to disable time sync. Open VM settings -> Management -> Integration Services and uncheck Time Synchronization.
In this article, I will use the NTP server list from ntp.org .
Using w32tm command-line
Open Command line or PowerShell with Admin permission.
Stop Windows Time service using command-line below
net stop w32time
Use the command-below to add the servers from ntp.org into peer list.
w32tm /config /manualpeerlist:"0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org",0x8 /syncfromflags:MANUAL
0x8 say what?
You might have noticed the 0x8 flag above. What does it mean? KB875424 mention:
0x01 – use special poll interval SpecialInterval
0x02 – UseAsFallbackOnly
0x04 – send request as SymmetricActive mode
0x08 – send request as Client mode
4. If the machine is PDC Domain and you want to make your PDC a reliable time source for the clients. Use the command below:
w32tm /config /reliable:yes
5. Start the Windows Time service.
net start w32time
6. You can check the status using the command below:
w32tm /query /configuration w32tm /query /status w32tm /query /peers
If you completely screwed up the config, you can always do the following command and it will completely erase and add a default W32time configuration:
net stop w32time w32tm /unregister w32tm /register
You can always check the document from Microsoft Docs for further detail.
[…] Configurer un serveur NTP sous Windows Server […]