How to solve this
There are many ways to solve this issue. This is just the one I used based on my experience and expertise. I didn’t use this complex solution initially, it was only after all other solutions attempted failed, badly. My Windows Vista and Win7 computers were losing 2 minutes a day. After the first attempt to correct it with daily time sync, is was still losing about a minute, which was impacting some scheduled events. 1 minute off matters when someone else sets the start and end schedule.
What you need
- Windows7 and/or Windows Vista Computer with an inaccurate clock
- Debian-based Linux distribution. Actually, any UNIX solution should work in a very similar fashion, but these instructions are for APT-based Linux.
Setup an NTP Server
sudo apt-get update sudo apt-get install ntp
Edit the /etc/ntp.conf
Verify the lines below exist on the Linux server
- server pool.ntp.org
- server ntp.ubuntu.com
- restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
- broadcast 192.168.1.255
You should correct the IP address and netmask for your network. There is no NTP authentication with these settings. I didn’t see a way to use NTP Auth with Windows.
Restart the NTP server
sudo /etc/init.d/ntp restart
If you need more information on the settings, man ntp.conf should help. There are different versions of NTP and v4 is more secure than v3.
- Under Win7, type Date into the search bar.
- Select the Date and Time program
- Select the Internet Time tab
- Change Settings
- Check Synchronize with an Internet time server checkbox
- Type in the IP address for your Linux server running NTP. Using the hostname may work, but it didn’t for me.
- Click Update now button.
- Click OK
By default, Windows updates the clock once a week. If your clock isn’t accurate, this obviously isn’t often enough.
- Run regedit
- Search for ntpclient under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\W32Time\TimeProviders\NtpClient
- Set SpecialPollInterval to a value in seconds. 1 hour is 3600 in decimal.
If you are still using an internet time server and not running one internally, never set the SpecialPollInterval to be less than 1 day. You will be banned for abuse from the time server.
Why you should solve this
Maintaining sub-second clock accuracy on a computer is important for encryption and authentication. A clock that is off more than a few seconds is a security vulnerability, especially if you are on a network and access other computer systems using shared credentials.
Network Time Protocol, NTP, has been around and working almost since the beginning of the internet. I know that in 1993, my employer had 3 NTP servers synchronized with hardware atomic signals so time drift could be accurately determined. Every computer on that network needed extremely accurate time so troubleshooting of real-time flight control issues weren’t compounded. Further, we used kerberos for authentication, so accurate time was critical.
On Microsoft Windows Server networks, I’ve seen time drift almost 5 minutes off. I find it hard to believe that MS can’t create, deploy, run a time service that is sub-second accurate. This problem was solved years ago. The solution works.
In the Windows Date/Time management interface, there are multiple internet time servers to chose. pool.ntp.org is the best choice that I know. The other servers are all bogged with too many requests. This is especially true for time.windows.com, which should be avoided at all costs.
How do you know that your clock is accurate?
Well, you should find a known-good time source. Often that is your TV cable and local TV stations. Sometimes there is an AM radio news station with an hourly BEEEP. Finally, you can visit time.gov, set your timezone and be fairly certain the displayed time is within a few seconds accurate. Good enough?
Virtual Servers and Time
If you run virtual servers, you need to know that the hypervisor OS is responsible for maintaining the clock for all client operating systems. Running NTP in a virtual machine, whether is it VMware, VirtualBox, Xen, or any other solution is a bad idea. Only the host/hypervisor should maintain the system clock.
Try just changing the settings in Windows First
Before you go to the effort to setup an internal network NTP server, try to fix the issue with just the Windows GUI and registry pollinterval hack. But don’t set the poll interval to be less than 1 day, unless you want to be banned.
I suspect you could run an NTP server under Windows
If your windows systems are having trouble keeping time, I doubt running an NTP server under windows will be useful, but it may work. I’ve seen settings for NTPServer in the registry for both Vista and Windows7. Good luck.
Net Time command
c:\ net time \\timesrv /set /yes
This command can be setup to run hourly or daily using the built-in Task Scheduler to have better control over your time synchronization. I found that doing the registry hack to force time synchronization to be quicker eventually failed. I needed a more reliable way to keep time synchronized.
- The account used for this in task scheduler must use a local administrator account.
- This works from Windows7 to a Linux NTP server.
- I suspect it will work to any other Windows PC running on the network, but I don’t know this as fact.
This last method may not work. 12 hours later and it seems one of the systems using this last method is off by about 2 minutes. That’s completely unacceptable to me. I probably didn’t get the administrative permissions elevated correctly.
Use the following link to trackback from your own site: