How to configure NTP Server and NTP Client in Windows Server 2019

 480 total views


2021-03-24 21:25:14

Configure NTP Server in Windows Server 2019

If the computer is an Active Directory Domain Controller, the NTP Server feature is enabled automatically. So the following example is for a computer that needs to enable NTP Server in a WorkGroup environment.

1. Run PowerShell as admin and configure the following:

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# confirm current setting (follows are default settings)
PS C:UsersAdministrator> Get-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesw32timeTimeProvidersNtpServer" 

InputProvider                    : 0
AllowNonstandardModeCombinations : 1
EventLogFlags                    : 0
ChainEntryTimeout                : 16
ChainMaxEntries                  : 128
ChainMaxHostEntries              : 4
ChainDisable                     : 0
ChainLoggingRate                 : 30
RequireSecureTimeSyncRequests    : 0
DllName                          : C:WindowsSYSTEM32w32time.DLL
Enabled                          : 0
PSPath                           : Microsoft.PowerShell.CoreRegistry::HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServ
                                   icesw32timeTimeProvidersNtpServer
PSParentPath                     : Microsoft.PowerShell.CoreRegistry::HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServ
                                   icesw32timeTimeProviders
PSChildName                      : NtpServer
PSDrive                          : HKLM
PSProvider                       : Microsoft.PowerShell.CoreRegistry

# enable NTP Server feature
PS C:UsersAdministrator> Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesw32timeTimeProvidersNtpServer" -Name "Enabled" -Value 1 

# set [AnnounceFlags] to 5
# number means
# 0x00 : Not a time server
# 0x01 : Always time server
# 0x02 : Automatic time server
# 0x04 : Always reliable time server
# 0x08 : Automatic reliable time server
PS C:UsersAdministrator> Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetservicesW32TimeConfig" -Name "AnnounceFlags" -Value 5 

# restart Windows Time service
PS C:UsersAdministrator> Restart-Service w32Time 

# if Windows Firewall is running, allow NTP port
PS C:UsersAdministrator> New-NetFirewallRule `
-Name "NTP Server Port" `
-DisplayName "NTP Server Port" `
-Description 'Allow NTP Server Port' `
-Profile Any `
-Direction Inbound `
-Action Allow `
-Protocol UDP `
-Program Any `
-LocalAddress Any `
-LocalPort 123 

2. NTP Server Host also needs time synchronization with other Hosts as NTP Client.

Configure NTP Client in Windows Server 2019

NTP Client settings are configured with NTP Server [time.windows.com] by default Windows, so if the computer is connected to the Internet, the date and time will be synchronized.

Furthermore, if the computer is in Active Directory Domain, the NTP Client settings are also configured as follows, so generally there is no need to change the settings:

  • Domain Controller synchronizes time with PDC in the domain.
  • The PDCs in a domain synchronize their time with the PDCs in the Parent Domain (primary domain) or with other Domain Controllers.
  • The client computers synchronize the time with the Domain Controller that the client is currently logged on.

In the WorkGroup environment, you can change the default NTP server to other servers as follows.

1. Run PowerShell as admin and configure the following:

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# confirm current synchronization NTP Server
PS C:UsersAdministrator> w32tm /query /source 
time.windows.com,0x8

# change target NTP Server (replace to your timezone server)
# number means
# 0x01 : SpecialInterval
# 0x02 : UseAsFallbackOnly
# 0x04 : SymmetricActive
# 0x08 : NTP request in Client mode
PS C:UsersAdministrator> Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesw32timeParameters" -Name "NtpServer" -Value "ntp.nict.jp,0x8" 

# restart Windows Time service
PS C:UsersAdministrator> Restart-Service w32Time 

# re-sync manually
PS C:UsersAdministrator> w32tm /resync 
Sending resync command to local computer
The command completed successfully.

# verify status
PS C:UsersAdministrator> w32tm /query /status 

Leap Indicator: 0(no warning)
Stratum: 4 (secondary reference - syncd by (S)NTP)
Precision: -23 (119.209ns per tick)
Root Delay: 0.0252246s
Root Dispersion: 0.0824040s
ReferenceId: 0x85F3EEF3 (source IP:  133.243.238.243)
Last Successful Sync Time: 9/23/2019 10:15:33 PM
Source: ntp.nict.jp,0x8
Poll Interval: 8 (256s)

2. If a computer is in an Active Directory domain environment and is a Forest Root, the synchronization target is usually configured. [Local CMOS Clock] (Hardware Clock). Then if you want to change the word setting [Local CMOS Clock] To the NTP server network, please set the following:

Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

# in AD Domain Environment, [Type] is set to [NT5DS]
PS C:UsersAdministrator> (Get-Item -Path "HKLM:SYSTEMCurrentControlSetServicesw32timeParameters").GetValue("Type") 
NT5DS

# if target is [Local CMOS Clock] but you'd like to change it, change [Type] to [NTP] first
# next, change to NTP server with the same way in [1] section
PS C:UsersAdministrator> Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesw32timeParameters" -Name "Type" -Value "NTP" 

.

#configure #NTP #Server #NTP #Client #Windows #Server

Related Posts

Leave a Reply

Your email address will not be published.

Close Bitnami banner
Bitnami