Pages

7/22/2004

Windows::Time


Set time to Naval Observatory
http://support.microsoft.com/default.aspx?scid=kb;EN-US;314054
Windows includes W32Time, the Time Service tool that is required by the Kerberos authentication protocol. The purpose of the Time Service is to ensure that all computers that are running Microsoft Windows 2000 or later in an organization use a common time.

To ensure appropriate common time usage, the Time Service uses a hierarchical relationship that controls authority, and the Time Service does not permit loops. By default, Windows-based computers use the following hierarchy:
All client desktop computers nominate the authenticating domain controller as their in-bound time partner.
All member servers follow the same process that client desktop computers follow.
All domain controllers in a domain nominate the primary domain controller (PDC) operations master as their in-bound time partner.
All PDC operations masters follow the hierarchy of domains in the selection of their in-bound time partner.
In this hierarchy, the PDC operations master at the root of the forest becomes authoritative for the organization. It is recommended that you configure the PDC operations master to gather the time from an external source. This event is logged in the System event log on the computer as event ID 62.

Administrators can configure the Time Service on the PDC operations master at the root of the forest to recognize an external Simple Network Time Protocol (SNTP) time server as authoritative. Use the following net time command:
net time /setsntp:server_list

The United States Naval Observatory runs several SNTP time servers that are satisfactory for this function, for example, ntp2.usno.navy.mil (at 192.5.41.209) and tock.usno.navy.mil (at 192.5.41.41).

After you set the SNTP time server as authoritative, run the following command on computers other than the domain controller to reset the local computer's time against the authoritative time server:
net time /set

No comments: