Time is the fire in which we all burn, so it say a wise man. But for IT Professionals the time is one of the essential’s things. It is very ugly when the system time of server’s across the Windows Domain are Different. CIFS Share’s will not Map, Printer don’t Print and Even the GPO Will not be Apply witch in Catastrophic Security Risks may end. To prevent this from happen some geeks invent the NTP (Network Time Protocol) which is implemented on Windows Server 2003 / Windows Server 2008 / Windows XP and  VISTA. The Windows 2k Line use SNTP (Simple Network Time Protocol) which is very different from the NTP. Don not tray this Article under Windows 2k. NTP is one of the Oldest Layer 7 Protocol for TCP/IP its funded in 1985 at the University of Delaware. Novell use NTP since Netware 3. So for all Netware People “it’s an Old Hut”.

 

The Key Idea of NTP is that you can have a Hierarchical Infrastructure of Time Servers. The Time Server are Categorisized in 17 ore 256 Stratum Classes. On MCSE ore Novell CNE Exame the use the version of ntp with 17 Stratum.

 

Wikipedia have a good expression of the Stratum Levels:

 

Stratum 0

These are devices such as atomic (caesium, rubidium) clocks, GPS clocks or other radio clocks. Stratum-0 devices are traditionally not attached to the network; instead they are locally connected to computers (e.g., via an RS-232 connection using a Pulse per second signal).

Stratum 1

These are computers attached to Stratum 0 devices. Normally they act as servers for timing requests from Stratum 2 servers via NTP. These computers are also referred to as time servers. Many Stratum 1 servers (for NTP v3 and earlier versions) may not actually be operating with Stratum 1 precision. As the NTP protocol is developed, it will become less and less possible for misleading Stratum 1 servers to run — instead the protocol would automatically bump the server Stratum level down accordingly.

Stratum 2

These are computers that send NTP requests to Stratum 1 servers. Normally a Stratum 2 computer will reference a number of Stratum 1 servers and use the NTP algorithm to gather the best data sample, dropping any Stratum 1 servers that seem obviously wrong. Stratum 2 computers will peer with other Stratum 2 computers to provide more stable and robust time for all devices in the peer group. Stratum 2 computers normally act as servers for Stratum 3 NTP requests.

Stratum 3

These computers employ exactly the same NTP functions of peering and data sampling as Stratum 2, and can themselves act as servers for lower strata, potentially up to 16 levels. NTP (depending on what version of NTP protocol in use) supports up to 256 strata.

 

Let us Focus on the Windows gap’s. Out of the Box the Following strata will be used.

 

Stratum           Description

 

1          Locally connected hardware clock (optional)

            Internet time server (optional)

 

2          PDC Emulator in forest root domain

 

3          Other domain controllers in forest root domain

            PDC Emulators in child domains

 

4          Workstations and member servers in forest root domain

            Other domain controllers in child domains

 

5          Workstations and member servers in child domains

 

Normally this will work very fine out of the box. But there are some Informants that have no Hardware Clock Locally Connected ore an Internet Connection to an Internet Time Server. In this case a registry change on the PDC in the forest root domain is required.

 

Go to HKEY LOCAL MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

and edit the value of „ReliableTimeSource“ to „1“.

 

Go to HKEY LOCAL MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters

And edit the value of „LocalNTP“ to “1”

 

Restart the Time Service “start” -> “run” -> “net stop w32time && net start w32time.

 

To deploy the new time settings on the domain you must run “w32tm –s” from any Server and Client in the Domain except the time Server !!!