Posts /

Handling Microsoft Windows NTP sync

Twitter Facebook Google+
23 Apr 2010

This post should raise some eyebrows around, as I’m advocating Linux since ages and I’m not at all into Microsoft stuff for the 99.99% of my time. This story comes out of that (usually negligible) 0.01%.

Why bother with NTP on MS Windows?

The Alfresco implementation I’m working on has to integrate with a fully MS-powered environment, with a Domain Controller pulling the strings of network entities such as users and hosts. As the customer has strict security requirements, no remote access can be granted to their intranet, and since their offices are a bit far away from mine, we decided to replicate their environment locally, providing the minimum set of components such as

I was able to build up the whole replicated environment, with a relative limited effort, using virtual machines to host all the different operating system on my laptop. I was so happy that everything worked almost at the first shot that I almost died when it all went wrong after the first reboot of the VMs: I couldn’t log anymore on the WinXP box!

It turned out that all clocks drifted away, making Kerberos auth checks fail because of replication attacks protection. Looked like it was time to strengthen my Win-fu and configure NTP in a proper way. This is what I learned.

WinServer2k8 and clock management

If there’s one thing I enjoyed out of all the time spent on these tasks, the prize goes definitely to w32tm: I had to deal with Windows, and there were no windows involved! As usual, whenever I’m typing into a command line, I feel at home. I’m actually writing this whole blog post to take note of the tricks I learned around w32tm and NTP clock sync. Here we go:

That’s it for now. I hope this will come in handy to somebody else, since I’ll try to avoid any more contact with the Microsoft stacks as long as possible, since without grep, find, awk, sed, vim I feel as uncomfortable as this.

Twitter Facebook Google+