Sometimes you might notice why the timing of your laptop is different from your mobile phone and the rest of the devices. You might wonder why and of course one of the easiest way to manually adjust the timing on the date/time settings but can this permanently resolve this issue.

Why I wanted to write this article is due recently to one of the senior management’s feedback that her laptop timing is incorrect with her mobile phone which causes her late for important meetings. There is 2 minutes difference and the laptop one is slower than the actual timing.

But in order to resolve this, I need to check the NTP server in my organization and also require to do some configuration using w32tm in my NTP server. I will elaborate further in this article.


What Is NTP?

It is another type of network protocol and it stands for Network Time Protocol which allows time synchronization for your computer systems and devices across the network. In short, it enables a device in the network to get the date & time from your NTP server in the same network.

What Is The Impact Of The Timing that Is Not Properly Synchronized?

With this in place, meaning all the devices and machines is like speaking at the same frequency where the timing is synchronization. So what is the impact if the timing of your machine is not properly synced?

  • Transaction Timing will be inconsistent, especially those in retail, banking etc.
  • The timestamp in the event& change logs tacking in your system will not be accurate
  • Systems like CCTV, Door Access the time recorded will be accurate and consistent
  • It will be an issue if you are running scheduler jobs to automate certain tasks that require precise timing.
  • You might be late for a meeting especially that important one if your laptop timing is slower than the actual time.
  • I believe there might be more, will add on if I encounter it again personally.

How Can You Check Your NTP configuration On Your Machine?

You can use this W32TM command in the command prompt. This W32TM is able to configure and check the settings for Windows Time Services. It is recommended to run as an administrator your command prompt.

Checking The NTP server and current Status Of Your Windows Time Service

To check the status of your w32tm:

w32tm /query /status

With this you are able to see the output of something like this in the screenshot below(from my personal laptop). If a client pc in the corporate environment usually you will able to see:

ReferenceID: The source ip address of the NTP server

Source: Your NTP server hostname

So it seems like the configuration is correct if I am able to see source ip address and ntp server hostname

w32tm /query /status output result

So I did a check on my NTP server which is also my domain controller server using the same command. And the source seems to be ok as it is configured to pool.ntp.org. You can view the list of public NTP servers available to configure for your NTP server.

Checking The Manually Configured Peers’s Status in W32TM

So you can use this command to check the peers configured:

w32tm /query /peers

With this command, you will be able to see the peer configured and the state of each peer. In this screenshot below extracted from my personal laptop, you can see that the peer which is configured to this public ntp called time.microsoft.com . And most importantly the state is showing pending instead of Active.

w32tm /query /peers

Similar state status happened on my NTP server as well and what I did was to restart the services for the Windows Time and do a resync using the command below. You can do restart manually in Window Services

net stop w32time
w32tm /resync /rediscover
net start w32time

But the state still did show active for a short while but it will went back to pending.

Manually Add Public NTP in to the Peer List using w32tm

What I did next was using this command to add pool.ntp.org to my NTP server and restart the services again. This command allows you to configure the peer list for the w32tm.

w32tm /config /manuaelpeerlist:pool.ntp.org /syncfromflags:manual /update /reliable:yes

I even try to configure other public NTP servers like time.microsoft.com and time.google.com but the state still will remain pending after a period of time.


Port used for NTP

I did a search for NTP and it is using UDP port 123. Therefore, the last thing I can check will be the firewall and whether the port is open for this NTP. In the end, confirm it was due to a firewall by the cybersecurity team.

After the port 123 for NTP is opened up for my NTP server, did a w32tm /query /peers command and was able to see the state is active now instead of pending.


Conclusion

Hopefully, this article does help you to save some time while doing the troubleshooting and finding the root cause. Ports used by NTP being blocked by the firewall can be one of many reasons and there might be other reasons as well in different scenarios.

In my case, I actually started to check on my NTP server first using the w32tm command. Feel free to share too if you encounter a different scenario for your NTP.

Categorized in: