JSI Tip 8583. Configuring the Windows Time service against a large time offset.

Jerold Schulman

October 17, 2004

1 Min Read
ITPro Today logo in a gray background | ITPro Today


Microsoft Knowledge Base Article 884776 contains the following introduction:

Windows includes W32Time, the Time Service tool that is required by the Kerberos authentication protocol. The purpose of the Time Service tool is to make sure that all computers that are running Microsoft Windows 2000 or later versions in an organization use a common time.To make sure that there is appropriate common time usage, the Time Service uses a hierarchical relationship that controls authority. Also, the Time Service does not permit loops. By default, Windows-based computers use the following hierarchy:

All client desktop computers nominate the authenticating domain controller as their inbound time partner.

All member servers follow the same process that client desktop computers follow.

All domain controllers in a domain nominate the primary domain controller (PDC) operations master as their inbound time partner.

All PDC operations masters follow the hierarchy of domains in the selection of their inbound time partner.

In this hierarchy, the PDC operations master at the root of the forest becomes the authoritative time server for the organization. We highly recommend that you configure the authoritative time server to gather the time from a hardware source. When you configure the authoritative time server to sync with an Internet time source, there is no authentication. We also recommend that you lower your time correction settings for your servers and stand-alone clients. These recommendations provide more accuracy to your domain.



About the Author

Jerold Schulman

Jerold Schulman

See more from Jerold Schulman
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

You May Also Like

Editor's Choice

a digital shield icon with a keyhole next to text that says linux kernel security
Vulnerabilities & Threats
Linux Kernel Exploits: How Attackers Gain Root Access and How To Defend Against It
Linux Kernel Exploits: Common Threats and How To Prevent Them

Oct 8, 2024

DevOps warning sign in front of gray sky
DevOps
How to Avoid Hidden DevOps Costs and Optimize for Efficiency
How to Avoid Hidden DevOps Costs and Optimize for Efficiency

Oct 9, 2024

a phone call between two business people reveals that one of them is a deepfake scammer
Vulnerabilities & Threats
We’re Worried About Deepfake Voice Scams. How Do We Protect Employees?
We’re Worried About Deepfake Voice Scams. How Do We Protect Employees?

Oct 4, 2024

Exclusive ITPro Resources
See all ITPro Resources

Featured Technical Explainers

MLOps
Ops and More
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
Choosing Between Cloud and On-Prem MLOps: What's Best for Your Needs?
multicloud concept
Cloud Computing
Cross-Cloud: The Next Evolution in Cloud Computing?
Cross-Cloud: The Next Evolution in Cloud Computing?
Wi-Fi 6 speed logo glowing on virtual screen while businessperson points hand and using laptop computer.
IT Operations
Wi-Fi 6: A Step Forward, But Wired LAN Still Holds the Crown
Wi-Fi 6: A Step Forward, But Wired LAN Still Holds the Crown
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Newsletter Sign-Up

Recent What Is

cartoon shows a person next to a checklist and several icons that represent disaster scenarios
Disaster Recovery
BCDR Basics: A Quick Reference Guide for Business Continuity & Disaster RecoveryBCDR Basics: A Quick Reference Guide for IT Pros
technology interface with a person's hand drawing gears and cogs
PowerShell
Introduction To PowerShell Environment VariablesIntroduction To PowerShell Environment Variables