[ntp:questions] Win2k3 Server as NTP server?

Martin Burnicki martin.burnicki at meinberg.de
Mon Dec 14 16:23:03 UTC 2009


Dave Hart wrote:
> On Mon, Dec 14, 2009 at 14:11 UTC, Martin Burnicki wrote:
>>Hi Danny,
>>
>>just stumbled across your email in one of my email folders, but I didn't see
>>your reply on the news servers. So once again, looks likes emails to the
>>questions list are not gatewayed to the news group.
> 
> As far as I know, this has been broken for most of the last 6 months.
> Messages from the newsgroup are gatewayed to questions, but questions
> traffic never makes it to the newsgroup.

Hm ... no way to get this working correctly again? Steve? Brad?

>>Danny Mayer wrote:
>>>You can indeed run the reference implementation of NTP instead of
>>>w32time on a Windows Domain Controller and I am in fact doing that (as I
>>>mentioned in a previous message).
>>Yes, but what about the domain members? If you install ntpd on them and
>>configure them correctly I'd expect them to work properly.
>>
>>However, we have customers with a huge number of clients. In fact, I'd expect
>>that especially installations with many clients run a domain, simply to
>>reduce administrator efforts.
>>
>>I've often heard those guys don't want to install ntpd on every client simply
>>because they do not want to touch each individual client.
> 
> My understanding is domain members' w32time service will synchronize
> (using MS-SNTP A.K.A. [MSNTP] authenticated by a machine account
> secret) to the domain controller holding the PDC emulator "flexible
> single master operation" or FSMO role.  So if you have any domain
> members using w32time, you'll want to have at least one DC (the PDC
> FSMO role holder) running w32time (A.K.A. Windows Time Service).
> 
> I run ntpd on all my domain's DCs except for the PDC emulator, and
> have the PDC emulator's w32time sync to one of the DCs running ntpd.

That's basically also my understanding how this should be configured,
and that's what I'm telling customers if they ask me.

We still have a similar situation where customers buy e.g. one of our
GPS PCI cards to set up their own NTP server. They need to install our
driver software package to read the time from the card and discipline
the system time, plus w32time or ntpd to make the disciplined time
available on the network.

In any case w32time or ntpd must not touch the system time which is
disciplined by our own service. Doing so with ntpd is easy: simply
configure the "local" clock and that's it. Getting w32time to make the
system time available on the network without touching it is much harder.
 Some time ago we had a 2003 set up as DC with w32time and a PCI card,
and w32time did serve the time for exactly 1 day, then suddenly didn't
provide the client with time anymore.

So also in this case we tell customers to set up a different server with
ntpd, and then simply point the PDC's w32time to it.

Thanks for the affirmation.

Martin
-- 
Martin Burnicki

Meinberg Funkuhren
Bad Pyrmont
Germany



More information about the questions mailing list