[PCWorld]

Post your comments for Fix the Windows Clock So It Syncs Properly here

[JakeB]

Thanks, Rick.

To be honest, I haven't noticed a problem on my Acer ultraportable running Windows 7 Home Premium, but I'll make the change anyway.

[dragon69]

hey Rick i've only had this problem like 2 times in 2 years with windoze vista home premium 64 bit so maybe it is a once a year thing lol

thanks for this tip and i hope it work for me

tc and gl

[dragon69]

oh since i've had some troubles with 64 bit i just thought it was me and 64 bit and did not know others also had some problems ( i only googled it the first time close too 2 years ago and never got any solid hits )

[trungromance]

Thanks,
It works both on my PC and laptop.

[scottwilkins]

The reason why some NTP server don't sync well and cause your PC to mess up is the amount of time it takes to access that server. Depending on your ISP or other network issues, some server may be very slow to reach. Here's a page with a whole list of servers: http://tycho.usno.navy.mil/ntp.html

You should ping each server to find the one with the smalled ping value, meaning it will be close to you in network terms. Or download their software to have it automatically find the closest.

[CombiVerde]

I NEVER had that problem with XP...nor in w7.

[JamieM]

Rick,

I've seldom had a problem syncing to any of the time servers, except time.windows.com, which always seems to have issues (probably overloaded, like everything else at Microsoft's websites). I tried to use your suggested server at pool.ntp.org, and it failed to connect (I'm sure it was just busy each time I tried). I prefer syncing to the time.nist.gov server. Granted, it is operated by the U.S. government, but it is one of the few things they've actually done right.

Thanks for the informative articles. Keep up the good work.

Jamie

[WinTard]

I can also state I never get that problem? In Windows 7 or Vista or XP?

Perhaps the fact these are domain machines, they will synchronize with the nearest Active Directory Controller while connected to the business?

When these nodes are not in contact with (logged into) any AD node (either because I'm not connected to any Enterprise Network or I'm away, on the road, at home, or travelling, hotel room, airport...) then the synchronization occurs automatically, first to:

• time.windows.com
• time.nist.gov
• time-a.nist.gov

I didn't know about this pool.ntp.org round-robbin DNS NTP server? Thanks for the info.

But making an article with:

Quote

Fix the Windows Clock So It Syncs Properly
Rick Broida

timestamp(1268775480000,'longDateTime')Mar 16, 2010 5:38 pm

Windows 7 may be the best Windows yet, but it suffers from the same annoying problem that plagued Vista and even XP: Its clock doesn't keep good time.

Is pure FUD and disinformation. At fault is probably your ISP for being congested. Or some weird misconfiguration of your TCP/IP settings, or some crappy anti-virus software suite.

As to our Active Domain Controllers NTP time reference servers, I specifically configure them to:

net time /setsntp:"time-nw.nist.gov tick.usno.navy.mil tock.usno.navy.mil"

through a script entitled setsntp.cmd in the startup of the Windows Server. This script will work from Windows 2000 Server all the way to Windows 2008 Server.

For more technical info:

Quote

The US Naval Observatory
The Naval Observatory operates an ensemble of stratum 1 NTP servers which are synchronized to the USNO Master Clocks or to GPS as their stratum 0.

About as precise as it can be?

For those who want to synchronize their personal computer clocks manually with a precise atomic reference, please see:

The freeware utility AtomTime95. That too works very well today from Windows 7 all the way down to Windows 95.

Bottom line is Windows works all by itself very well, thank you. However, I've noticed much faster manual time synchronization using Vista or Windows 7 rather than Windows XP. And when one site times-out (such as the time.microsoft.com NTP server) while using XP, that's why I've configured the other servers in the drop down box.

Again thanks for the pool.ntp.org. Remember that simply pointing to an arbitrary NTP server doesn't change Windows. The fault resides with anything in the path to the NTP server, starting with your local ISP.

[dragon69]

again rick "a very good read"

well wintard of coarse you don't have this problem because you change the default windoze server but if you had left t to the default you would of had a small chance to experience

btw what caused you not to trust micro$oft and change the default time server to begin with

[rdchas]

Funny, but I've never had a problem with this.

[WinTard]

dragon69, on 17 March 2010 - 03:46 PM, said:

again rick "a very good read"

well wintard of coarse you don't have this problem because you change the default windoze server but if you had left t to the default you would of had a small chance to experience

btw what caused you not to trust micro$oft and change the default time server to begin with

You never understand anything do you? Yet you love to twist things around as a FUD master?

I didn't change the default server from time.microsoft.com. I just added two more, just like the author of this article pointed out: pool.ntp.org is just another bunch of NTP server is it? (Load balanced in a round-robbin DNS fashion). If you still don't understand what that means, then do your homework by yourself.

Why are some people so obtuse and correspondingly so anti-Microsoft? At least if you had some rational arguments?

You do realize there are differences between client and servers? And that clients synchronize with the nearest server, in this case the AD Controller in a domain? Anyway, it appears Active Directory, LDAP and Kerberos are well beyond the scope of your comprehension...

Too bad. So sad.

[quackadilly]

I always sync with Nist.

[WinTard]

It is not my habit to leave issues dangling; for those interested as to why enterprise domain (not workgroup) windows client nodes do not (and cannot) experience time synchronization issues:

Active Directory is fundamentally built upon native LDAP (Lightweight Directory Access Protocol) and uses Kerberos as a method of network authentication protocol. Kerberos requires every single node in a forest be synchronized to prevent spoofing attacks. Thus security tokens are time-sensitive and expire after a time period. This prevents anyone from snooping upon packets and simply replaying "man-in-the-middle" tokens to fool the security infrastructure and usurp some identity.

Quote

http://technet.micro.../cc756627(WS.10).aspx
Time Source Peer Authentication

Within an Active Directory forest, the Windows Time service (W32time) relies on standard domain security features to enforce the authentication of time data. The security of Network Time Protocol (NTP) packets that are sent between a domain member and a local domain controller that is acting as a time server is based on shared key authentication. The Windows Time service uses the local computer's Kerberos session key to create authenticated signatures on NTP packets that are sent across the network. When a computer requests the time from a domain controller in the domain hierarchy, the Windows Time service requires that the time be authenticated. The domain controller then returns the required information in the form of a 64-bit value that has been authenticated with the session key from the NetLogon service. If the returned NTP packet is not signed with the computer’s session key or if it is not signed correctly, the time is rejected. In this way, the Windows Time service provides security for NTP data in an Active Directory forest.

~~~~~~~~~~
A specialist is someone who knows more and more about less and less until they know absolutely everything about nothing.
~ A Specialist

[TomSobieski]

dragon69, on 16 March 2010 - 05:25 PM, said:

hey Rick i've only had this problem like 2 times in 2 years with windoze vista home premium 64 bit so maybe it is a once a year

I've had this problem many times, even with changing the time server. With the one you listed I got it first time. Couldn't believe it so I did it again the next day and it worked like a charm. BTW I first saw this in your article in the Washington Post and they didn't print the name of the server used, All it said was "replace it with.." so I had to hunt you down.

[RedGreenBlue]

One of the first things I learned about computers is that the motherboard clocks rarely if ever keep perfect time (and some are much worse than others), so to be accurate within a second or two, they need to be corrected often enough to overcome their inherent inaccuracy. I don't know whether the Microsoft time server is any good (though I use one of the NIST servers myself), but I do know that the default updating interval in Windows 7 is once a week. I have never had a PC that could stay accurate within a second for that long.

For, however, those willing to edit the registry, there is an easy fix. The update interval is specified in seconds, so, for example, you can change the interval to once a day by substituting in the registry key the number of seconds in a day: 86,400. See http://www.howtogeek...-sync-problems/ for the details. (The link to this page was provided in a Microsoft tech forum by Microsoft tech.)

[StephenRKirts]

I am more concerned with time zone than a second of accuracy. My laptop had apparently been keeping good time for more than nine months. Then I was forced to reload Win7 Premium. Now, when I select Indiana (East), which happens to be where I live, the window says this time zone does not observe DST (huhhh?). This after I have checked the DST box!

[jasphrodite]

Thank you for this as I have had issues since installing Windows 8 but now it's all good!

[LisaMazurekSchulz]

thank you, thank you, thank you~! How annoying this was before you offered an easy fix!