How to Configure an Authoritative Time Server in Windows Server 2008

  |   By

Time synchronisation in modern computer networks is essential, all computers need to know the time as many applications, from sending an email to storing information are reliant on the PC knowing when the event took place.

Microsoft Windows Server from 2000 onwards has a time synchronisation utility built into the operating system called Windows Time (w32time.exe) which can be configured to operate as a network time server.

Windows Server 2008 can easily set the system clock to use UTC (Coordinated Universal Time, the World’s time standard) by accessing an Internet source (either: time.windows.com or time.nist.gov).

To achieve this, a user merely has to double click the clock on their desktop and adjust the settings in the Internet Time tab.

It must be noted however, that Microsoft and other operating system manufacturers strongly advise that external timing references should be used as Internet sources can’t be authenticated.

To configure the Windows Time service to use an external time source, click Start, Run and type regedit then click OK.

Locate the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\Type
In the right pane, right-click Type then click Modify, in edit Value type NTP in the Value data box then click OK.

Locate the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\AnnounceFlags.
In the right pane, right-click AnnounceFlags and click Modify. The ‘AnnounceFlags’ registry entry indicates whether the server is a trusted time reference, 5 indicates a trusted source so in the Edit DWORD Value box, under Value Data, type 5, then click OK.

Network Time Protocol (NTP) is an Internet protocol used for the transfer of accurate time, providing time information along so that a precise time can be obtained
To enable the Network Time Protocol; NTPserver, locate and click:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer\
In the right pane, right-click Enabled, then click Modify.

In the Edit DWord Value box, type 1 under Value data, then click OK.

Now go back and click on
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Parameters\NtpServer
In the right pane, right-click NtpServer, then Modify, in the Edit DWORD Value under Value Data type In the right pane, right-click NtpServer, then Modify, in the Edit DWORD Value under Value Data type the Domain Name System (DNS), each DNS must be unique and you must append 0x1 to the end of each DNS name otherwise changes will not take effect.

Now click Ok.

Locate and click the following
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient\SpecialPollInterval
In the right pane, right-click SpecialPollInterval, then click Modify.

In the Edit DWORD Value box, under Value Data, type the number of seconds you want for each poll, ie 900 will poll every 15 minutes, then click OK.
To configure the time correction settings, locate:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxPosPhaseCorrection, then Modify, in the Edit DWORD Value box, under Base, click Decimal, under Value Data, type a time in seconds such as 3600 (an hour) then click OK.
Now go back and click:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\config
In the right pane, right-click MaxNegPhaseCorrection, then Modify.

In the Edit DWORD box under base, click Decimal, under value data type the time in seconds you want to poll such as 3600 (polls in one hour)
Exit Registry Editor
Now, to restart windows time service, click Start, Run (or alternatively use the command prompt facility) and type:

net stop w32time && net start w32time
And that’s it your time server should be now up and running.

Windows Time Server Synchronising Your Network With NTP

  |   By

Nearly all a computers activity involves time whether logging a timestamp for when a network was accessed to sending an email, knowing the time is crucial for computer applications.

All computers have an on-board clock that provides time and date information. These Real Time Clock (RTC) chips are battery backed so that even when off they can maintain time, however these RTC chips are mass produced and cannot maintain accurate time and tend to drift.

For many applications this can be quite adequate, however if a computer is on a network and needs to talk to other machines, failing to be synchonised to the correct time can mean many time-sensitive transactions can not be completed and can even leave the network open to security threats.

All versions of Windows Server since 2000 have included a time synchronization facility, called Windows Time Service (w32time.exe), built into the operating system. This can be configured to operate as a network time server synchronizing all machines to a specific time source.

Windows Time Service uses a version of NTP (Network Time Protocol), normally a simplified version, of the Internet protocol which is designed to synchronise machines on a network, NTP is also the standard for which most computer networks across the global use to synchronise with.

Choosing the correct time source is vitally important. Most networks are synchronized to UTC (Coordinated Universal Time) source. UTC is a global standardized time based on atomic clocks which are the most accurate time sources.

UTC can be obtained over the Internet from such places as time.nist.gov (us Naval Observatory) or time.windows.com (Microsoft) but it must be noted that internet time sources can not be authenticated which can leave a system open to abuse and Microsoft and others advise using an external hardware source as a reference clock such as a specialized NTP server.

NTP servers receive their time source from either a specialist radio transmission from national physics laboratories which broadcast UTC time taken from an atomic clock source or by the GPS network which also relays UTC as a consequence of needing it to pin point locations.

NTP can maintain time over the public Internet to within 1/100th of a second (10 milliseconds) and can perform even better over LANs.

Keeping accurate time on Linux

  |   By

If you want to be sure that your computer clock is accurate you can configure your system to use NTP (Network Time Protocol), one of the oldest Internet protocols and the industry standard for time synchronisation.

NTP on will synchronise your computer’s clock to a pool of time servers around the world that are official ‘timekeepers’. It is best to choose the closest to you so response time is minimized and to use more than one in case one goes down. There are more than 1.500 servers to choose from, but some areas are better served than others. Many servers on the internet are extremely inaccurate and Internet time references should not be used as a replacement for a dedicated time server.

However, for basic time synchronisation purposes, Internet providers will suffice. The first step should be to select three servers close to you – preferably in your country, or if there aren’t enough, in your ‘zone. Go to ntp home and browse through the tree of zones and servers to select which ones are best for you. The follow these commands to configure:

1. Configure /etc/ntp.conf
Edit this file with a text-editor. Replace
server <example-server-name>
with your servers, such as:

server 0.br.pool.ntp.org
server 1.br.pool.ntp.org
server 2.br.pool.ntp.org

2. Synchronise your clock manually
If your clock is drifting too NTP might refuse to synchronise it, but it can be done manually:

ntpdate 0.br.pool.ntp.org (server name that you choose)

3. Make your ntp daemon executable

chmod +x /etc/rc.d/rc.ntpd

4. Start NTP now without rebooting
Again, a simple command:

/etc/rc.d/rc.ntpd start

Basic Time Server Information

  |   By

All PC’s and networking devices use clocks to maintain an internal system time. These clocks, called Real Time Clock chips (RTC) provide time and date information. The chips are battery backed so that even during power outages, they can maintain time.

Computer networks rely on timekeeping for nearly all their applications, from sending an email to saving data, a timestamp is necessary for computer to keep track. All routers and switches need to run at the same rate, out of sync devices can lead to data being lost and even entire connections.

For some transactions it is necessary for computers to be perfectly synchronised, even a few seconds difference between machines can have serious effects, such as finding an airline ticket you had booked had been sold moments later to another customer or you could draw your savings out of a cash machine and when your account is empty you could quickly going to another machine and withdraw it all again.

However, personal computers are not designed to be perfect clocks, their design has been optimized for mass production and low-cost rather than maintaining accurate time. However, these internal clocks are prone to drift and although for many application this can be quite adequate, often machines need to work together on a network and if the computers drift at different rates the computers will become out of sync with each other and problems can arise particularly with time sensitive transactions.

Time servers are like other computer servers in the sense they are usually located on a network. A time server gathers timing information, usually from an external hardware source and then synchronises the network to that time.

Most time servers use NTP (Network Time Protocol) which is one of the Internet’s oldest protocols still used, invented by Dr David Mills from the University of Delaware, it has been in utilized since 1985. NTP is a protocol designed to synchronize the clocks on computers and networks across the Internet or Local Area Networks (LANs).

NTP utilises an external timing reference and then synchronises all devices on the network to that time.

There are various sources that a NTP time server can use as a timing reference. The Internet is an obvious source, however, internet timing references from the Internet such as nist.gov and windows.time can not be authenticated, leaving the time server and therefore the network vulnerable to security threats.

Often time servers are synchronised to a UTC (Coordinated Universal time) source which is the global standard time scale and allows computers all over the world to synchronised to exactly the same time. This has obvious importance in industries where exact timing is crucial such as the stock exchange or airline industry.

UTC A global Timescale

  |   By

Coordinated Universal Time (UTC – from the  French Temps Universel Coordonné) is an international timescale based on the time told by atomic clocks. Atomic clocks are accurate to within a second in several million years. They are so accurate that International Atomic Time, the time relayed by these devices, is even more accurate than the spin of the Earth.

The Earth’s rotation is affected by the gravity of the moon and can therefore slow or speed up. For this reason, International Atomic Time (TAI from the French Temps Atomique International) has to have ‘Leap seconds’ added to keep it in line with the original timescale GMT (Greenwich meantime) also referred to as UT1, which is based on solar time.

This new timescale known as UTC is now used all over the world allowing computer networks and communications to be conducted at opposite sides of the globe.

UTC is governed not by an individual country or administration but a collaboration of atomic clocks all over the world which ensures political neutrality and also added accuracy.

UTC is transmitted in numerous ways across the globe and is utilised by computer networks, airlines and satellites to ensure accurate synchronisation no matter what the location on the Earth.

In the USA NIST (National Institute of Standards and Technology) broadcast UTC from their atomic clock in Fort Collins, Colorado. The National Physics Laboratories of the UK and Germany have similar systems in Europe.

The internet is also another source of UTC time. Over a thousand time servers across the web can be used to receive a UTC time source, although many are not precise enough for most networking needs.

Another, secure and more accurate method of receiving UTC is to use the signals transmitted by the USA’s Global Positioning System. The satellites of the GPS network all contain atomic clocks that are used to enable positioning. These clocks transmit the time which can be received using a GPS receiver.

Many dedicated time servers are available that can receive a UTC time source from either the GPS network or the National physics Laboratory’s transmissions (all of which are broadcast at 60 kHz longwave).

Most time servers use NTP (Network Time Protocol) to distribute and synchronise computer networks to UTC time.

Network Time Protocol (NTP), Understanding Synchronisation.

  |   By

Network Time Protocol seems to have been around for ever. In fact it is indeed one of the Internet’s oldest protocols having been developed in the 1980’s by Professor David Mills and his team from Delaware University.

In a laid-back world it perhaps doesn’t matter if computer networks are not synchronised. The only consequences of timing errors could be that an email arrives before it was sent but in industries such as airline seat reservation, the stock exchange or satellite communication, fractions of a second can cause serious errors such as selling seats more than once, the loss of millions of dollars or even fraud.

Computers are logical machines and as time is linear to a computer any event that happens on one machine must happen before news of that event reaches another. When networks are not synchronised computers struggle to deal with events that have obviously occurred (such as an email being sent) but according to their clock and time stamp it hasn’t yet, just think back to the millennium bug where it was feared clocks would jump back to 1900!

For this very reason NTP was developed.  NTP uses an algorithm (Marzullo’s algorithm) to synchronise the time with the current version of NTP can maintain time over the public Internet to within 10 milliseconds and can perform even better over LANs. NTP time servers work within the TCP/IP suite and rely on UDP (User Datagram Protocol).

NTP servers are normally dedicated NTP devices that use a single time reference to synchronise a network to. This time reference is most often a UTC (Coordinated Universal Time) source. UTC is a global time scale distributed by atomic clocks via the Internet, specialist long wave radio transmissions or via the GPS (Global Positioning System) network.

The NTP algorithm uses this time reference to determine the amount to advance or retreat the system or network clock. NTP analyses the timestamp’s values including the frequency of errors and its stability. A NTP server will maintain an estimate the quality of both the reference clocks and itself.

NTP is hierarchical. The distance from the timing reference is divided into strata. Stratum 0 is the atomic clock reference; Stratum 1 is the NTP server, while Stratum 2 is a server that receives timing information from the NTP server. NTP can support almost limitless strata although the further away from the timing reference you go the less accurate it will be.

As each stratum level can both receive and send timing signals, the advantage of this hierarchical system is that thousands of machines can be synchronised with only the need for one NTP server.

NTP contains its a security measure called authentication. Authentication verifies that each timestamp has come from the intended time reference by analysing a set of encryption keys that are sent with the time reference.  NTP analyses it and confirms whether it has come from the time source by verifying it against a set of trusted keys in its configuration files.

However, authentication is unavailable from timing sources from across the Internet which is why Microsoft and Novell amongst others strongly recommend only external time references are used such as a dedicated GPS NTP server or one that receives the national time and frequency long wave transmission.

Receiving the Time with Time Servers and the MSF transmitter

  |   By

MSF is the name given to the dedicated time broadcast provided by the National Physical Laboratory in the UK, It is an accurate and reliable source of UK civil time, based on the time scale UTC (Coordinated Universal Time).

MSF is used throughout the UK and indeed other parts of Europe to receive a UTC time source which can be used by radio clocks and to synchronise computer networks by using a NTP time server.

It is available 24 hours a day across the whole of the UK although in some areas the signal can be weaker and it is susceptible to interference and local topography. The signal operates on a frequency of 60 kHz and carries a time and date code which relays the following information in binary format: Year, month, day of month,  day of week,  hour,  minute,  British Summer Time (in effect or imminent) and DUT1 (the difference between UTC and UT1 which is based on the Earths rotation)

The MSF signal is transmitted from Anthorn Radio Station in Cumbria but was only recently moved there after residing in Rugby, Warwickshire since it was started in the 1960’s. The signal’s carrier frequency is at 60 kHz, controlled by caesium atomic clocks at the radio station.

Caesium atomic clocks are the most reliably accurate atomic clocks anywhere, neither losing nor gaining a second in several millions of years.

To receive the MSF signal simple radio clocks can be used to display the exact UTC time or alternatively MSF referenced time servers can receive the long-wave transmission and distribute the timing information around computer networks using NTP (Network Time Protocol).

The only real alternative to the MSF signal in the UK is to use the onboard caesium clocks of the GPS network (Global Positioning System) that relay accurate time information that can be used as a UTC time source.

Six Reasons why you need a Dedicated Network Time Server!

  |   By

Security
Having inaccurate time or running a network that is not synchronised can leave a computer system vulnerable to security threats and even fraud. Timestamps are the only point of reference for a computer to track applications and events. If these are inaccurate all sorts of problems can occur such as emails arriving before they were sent. It also makes possible such time sensitive transactions as e-commerce, online reservation and trading in stocks and share where exact timing with a network time server is essential and prices can fall or rise by millions in a second.

Protection:
Failure to synchronise a computer network can allow hackers and malicious uses the opportunity to get at your system, even fraudsters can take advantage. Even those machines that are synchronised can fall victim, especially when the use the Internet as a timing reference which allows an open door for malicious users to inject a virus into your network. Using Radio or GPS atomic clocks provide accurate time behind your firewall maintaining you security.

Accuracy:
NTP Time Servers ensure that all networked computers are synchronized automatically to the accurate time and date, now and in the future, automatically updating the network during daylight saving and leap seconds.

Legality:
If computer data is ever to be used in a court of law then it essential that the information comes from a network that is synchronised. If the system is not then the evidence may be inadmissible.

Happy users:
Stop users complaining about incorrect time on their workstations

Control:
You have control of the configuration. For example you can automatically changes the time forward and back each Spring and Autumn for daylight saving time or set your server time to be locked to UTC time only or any time zone you choose.

The Atomic Clock and the NTP Time Server

  |   By

Most people have heard of atomic clocks, their accuracy and precision are well known. An ato0mic clock has the potential to keep time for several hundred million years and not lose a second in drift. Drift is the process where clocks lose or gain time because of the inaccuracies in the mechanisms that make them work.

Mechanical clocks, for instance, have been around for hundreds of years but even the most expensive and well engineered will drift at least a second a day. Whilst electronic clocks are more accurate they also will drift by about a second a week.

Atomic clocks have no comparison when it comes to time keeping. Because an atomic clock is based on the oscillation of an atom (in most cases the caesium 133 atom) which has an exact and finite resonance (caesium is 9,192,631,770 every second) this makes them accurate to within a billionth of a second (a nanosecond).

While this type of accuracy is unparalleled it has made possible technologies and innovations that have changed the world. Satellite communication is only possible thanks to the time keeping of atomic clocks, so is satellite navigation. As the speed of light (and therefore radio waves) travel at over 300,000km a second an inaccuracy of a second could see a navigation system be hundreds of thousands of miles out.

Precise accuracy is also essential in many modern computer applications. Global communication, particularly financial transactions have to be done precisely. In Wall Street or the London stock exchange a second can see the value of stock rise or fall by millions. Online reservation also requires the accuracy and perfect synchronisation only atomic clocks can provide otherwise tickets could be sold more than once and cash machines could end up paying out your wages twice if you found a cash machine with a slow clock.

Whilst this may sound desirable to the more dishonest of us, it doesn’t take much imagination to understand what problems a lack of accuracy and synchronisation could cause. For this reason an International timescale based on the time told by atomic clocks has been developed.

UTC (Coordinated Universal Time) is the same everywhere and can account for the slowing of the Earth’s rotation by adding leap seconds to keep UTC inline with GMT (Greenwich Meantime). All computer networks that participate in global communication need to be synchronised to UTC. Because UTC is based on the time told by atomic clocks it is the most precise timescale possible. For a computer network to receive and keep synchronised to UTC  it first needs access to an atomic clock. These are expensive and large pieces of equipment and are generally only to be found in large scale physics laboratories.

Fortunately the time told by these clocks can still be received by a network time server wither by utilising time and frequency long wave broadcasts transmitted by national physics laboratories or from the GPS (Global Positioning system). NTP (network time protocol) can then distribute this UTC time to the network and use the time signal to keep all devices on the network perfectly synchronised to UTC.

Global Positioning System (GPS) Operation and Implementation

  |   By

The GPS (Global Positioning System) network has been around for over thirty years but it was only since 1983 when a Korean airliner was accidentally shot down did the US military, who own and control the system, agree to open it up for civilian use in the hope of preventing such tragedies.

The GPS system is currently the world’s only global navigational satellite system (GNSS) although Europe and China are currently developing their own (Galileo and GLONASS). GPS, or to give it its official name Navstar GPS is based on a constellation of between 24 and 32 Medium Earth Orbit satellites.

These satellites transmit messages via precise microwave signals. These messages contain the time the message was sent, a precise orbit for the satellite sending the message and the general system health and rough orbits of all GPS satellites.

To work out a position a GPS receiver is required. This receives the signal from 4 (or more) satellites. Because the satellites broadcast their position and the time the message was sent, the GPS receiver can use the timing signal and distance information to workout by process of triangulation exactly where it is in the world.

GPS and other GNSS systems can only pinpoint the location so accurately because each relays timing information from an onboard atomic clock. Atomic clocks are so accurate that they either lose or gain a second in millions of years. It is only this accuracy that makes GPS positioning possible because as the signal transmitted by the satellites travel at the speed of light (up to 180,000 miles an second) a one second inaccuracy could make place positioning thousands of miles in the wrong place.

Because of this onboard atomic clock and high level of timing accuracy, a GPS satellite can be used as a source for UTC (Coordinated Universal Time). UTC is a global timescale based on the time told by atomic clocks and used across the globe to allow computer networks to all synchronize to the same time.

Computer networks use NTP time servers (network time protocol) to synchronise their systems. An  NTP server connected to a GPS antenna can receive a UTC time signal from the satellite and then distribute amongst the network.

Utilizing the GPs for timing information is one of the most accurate and secure methods of receiving a UTC source with accuracies of a few milliseconds quite feasibly possible.