Time Service Utility-W32TM.exe
Time Service Utility
The Windows Time service (W32Time) is designed to maintain date and time synchronization for computers running client and server versions of Microsoft Windows. The primary use for such time synchronization is to ensure the security of Kerberos authentication within an Active Directory environment including virtual machines running on Hyper-V hosts. To prevent replay attacks, Kerberos tickets presented to domain controllers by clients are time-stamped. The authenticating domain controller checks to make sure the timestamp is unique and falls within an allowable skew before accepting the ticket and authenticating the client. To ensure this system works properly, both the client and the domain controller clocks must be loosely synchronized within the allowable skew, and W32Time ensures this is the case
Syntax
Register the time service, and add default config to the registry
W32TM /register
Unregister the time service, and remove config from the registry
W32TM /unregister
The domain/computers to monitor
W32TM /monitor [/domain:domain_name] [/computers:name[,name[,name…]]] [/threads:num]
Convert a Windows NT system time, in (10^-7)s intervals from 0h 1-Jan 1601, into a readable format.
W32TM /ntte NT_Time_Epoch
Converts a Network Time Protocol (NTP) time, in (2^-32)s intervals from 0h 1-Jan 1900, into a readable format
W32TM /ntpte Network_Time
Tell a computer that it should resynchronize its clock as soon as possible, discarding all accumulated error stats
W32TM /resync [/computer:computer] [/nowait] [/rediscover] [/soft]
Display a strip chart of the offset between this computer and another computer
W32TM /stripchart /computer:target [/period:refresh] [/dataonly][/samples:count] [/packetinfo] [/ipprotocol:<4|6>
Adjust the configuration of target
W32TM /config [/computer:target] [/update] [/manualpeerlist:peers][/syncfromflags:source] [/LocalClockDispersion:seconds][/reliable:(YES|NO)] [/largephaseoffset:milliseconds]
Display the current time zone settings.
W32TM /tz
Display the values that are associated with a given registry key.
(default/root key is HKLM\System\CurrentControlSet\Services\W32Time)
W32TM /dumpreg [/subkey:key] [/computer:target]
Display a computer’s Windows Time service information.
W32TM /query [/computer:target] {/source | /configuration | /peers | /status} [/verbose]
Enable or disable a local computer Windows Time service private log.
W32TM /debug {/disable | {/enable /file:name /size:bytes /entries:value [/truncate]}}
Options:
Domain The domain to monitor. If no domain name is specified, or neither the domain nor
computers option is specified, the default domain is used.
This option might be used more than once.
computers Monitor the given list of computers. Computer names are separated by commas, with
no spaces. If a name has a prefix of a ‘*’, it is treated as a primary domain
controller (PDC). You can use this option more than once.
computer The computer to act upon, by default the local computer.
threads The number of computers to analyze simultaneously. 1-50, default=3.
NT_Time_Epoch
A hex value representing a 64 bit integer that represents the number of seconds
elapsed since 1900-01-01 00:00:00 (can be supplied as either Hex or integer)
In reverse byte order, the first hex byte is the least significant:
(1900-01-01 00:00:01 is encoded as 0x01000000)
/nowait Do not wait for the resynchronization to occur; return immediately.
Otherwise, wait for the resynchronization to complete before returning.
/rediscover Redetect the network configuration and rediscover network sources;
then, resynchronize.
/soft This option is only provided for compatibility with older time servers and will
resynchronize using existing error statistics..
/period:refresh
The time between samples, in seconds. The default value is 2 seconds.
/Dataonly Display only the data, without graphics.
/samples:count
Collect count samples; then, stop.
If a value is not specified, samples will be collected until Ctrl+C is pressed.
/packetinfo
Print out NTP packet response message.
/Ipprotocol 4|6
Specify the IP protocol to use. Default = use whatever is available.
/update Notify the time service that the configuration has changed, causing the changes
to take effect.
/manualpeerlist:peers
Set the manual peer list to peers, which is a space-delimited list of Domain Name
System (DNS) and/or IP addresses. When you are specifying multiple peers, this option
must be enclosed in quotation marks (“).
/syncfromflags:source
Sets what sources the NTP client should synchronize from. source should be a
comma-separated list of these keywords (not case sensitive):
MANUAL — Include peers from the manual peer list.
DOMHIER — Synchronize from a domain controller in the domain hierarchy.
NO — Do not synchronize from any server.
ALL — Synchronize from both manual and domain peers.
/LocalClockDispersion:seconds
Configures the accuracy of the internal clock that W32time will assume when
it cannot acquire time from its configured sources.
/reliable:(YES|NO)
Set whether this computer is a reliable time source. This setting is meaningful only on domain controllers.
/largephaseoffset:milliseconds
Sets the time difference between local time and network time that W32time will consider to be a spike.
/source Display the time source.
/configuration
Display the configuration of run time and where the setting comes from.
In verbose mode, display the undefined or unused setting also.
/peers Display a list of peers and their status.
/status Display Windows Time service status.
/verbose Set the verbose mode to display more information.
/disable Disable the private log.
/enable Enable the private log.
file:name The absolute file name.
size:bytes The maximum size for circular logging.
entries:value Contains a list of flags, specified by number and separated by commas, that specify
the types of information that should be logged. Valid numbers are 0 to 300.
A range of numbers is valid, in addition to single numbers, such as 0 through 100,103,106.
Value 0-300 is for logging all information.
/truncate Truncate the file if it exists.
/? Display help.S
The W32Time service is not a full-featured Network Time Protocol (NTP) solution that meets time-sensitive needs.
By default the Windows Time service (w32time) will synchronize it’s time once per week.
This can be extended to daily by setting a Scheduled Task to start the service and run w32tm /resyn.
The options /debug, /packetinfo and /ipprotocol are available from Windows Vista and above.
/stripchart /packetinfo – will output three timestamps – The first hex number is byte order reversed NTP date, followed by the ANSI date (number of days since 1st Jan 1601) followed by the date/time in readable/local format.
The option /ntpte – will output three timestamps – The first hex number is an NTTE date (as also understood by w32tm.exe /ntte ), followed by the ANSI date (number of days since 1st Jan 1601) followed by the date/time in readable/local format.
The option /ntte – will output two timestamps – first the ANSI date (number of days since 1st Jan 1601) followed by the date/time in readable/local format.
A computer that is a member of a domain is configured by default to synchronize from the domain hierarchy, manually-specified synchronization is most useful for the forest root of the domain or for computers that are not joined to a domain.
Public NTP servers:
- NIST Internet Time Service time.nist.gov – part of the NIST Physical Measurement Laboratory, maintains the standard for frequency and time interval for the United States.
- NTP Pool project pool.ntp.org (or “0.pool.ntp.org 1.pool.ntp.org 2.pool.ntp.org 3.pool.ntp.org”) a big virtual cluster of timeservers.
- time.windows.com – Microsoft’s own time server (not particularly reliable).
Examples:
Set the local Windows Time client to point to two different time servers, one named time.nist.gov and another named pool.ntp.org
W32TM.exe /config /manualpeerlist:"time.nist.gov pool.ntp.org" /syncfromflags:manual /update
Check the Windows Time client configuration from a client computer running Windows 7 that has a host name of PC64
W32TM.exe /query /computer:PC64 /configuration
Convert an NTTE formatted date into a readable format, if using hex, prefix with 0x:
W32TM.exe /ntte 0x01cf070000000000
W32TM.exe /ntte 130330610798428160
Convert an NTP formatted date into a readable format, if using hex, prefix with 0x:
W32TM.exe /ntpte 0x72386aa6917c63d8
So, that’s all in this blog. I will meet you soon with some other stuff. Have a nice day !!!
Recommended content
RODC Installation Guide- Step by step guide to install read only domain controller
RODC Filtered Attribute Set
Installing and configuring a RODC in Windows Server-2012
How to find the GUID of Domain Controller
Group Policy Understanding Group Policy Preferences
Group Policy Verification Tool GPOTool Exe
Group Policy Health Check on Specific Domain Controller
What is Netlogon Folder in Active Directory
How to Create Custom Attributes in Active Directory
How Can I Check the Tombstone Lifetime of My Active Directory Forest
How to Determine a Computers AD Site From the Command Line
How to Check the Active Directory Database Integrity
How to Check the Active Directory Database Integrity
Disabling and Enabling the Outbound Replication
DFS Replication Service Stopped Replication
What is Strict Replication Consistency
The replication operation failed because of a schema mismatch between the servers involved
Troubleshooting ad replication error 8418 the replication operation failed because of a schema mismatch between the servers
How to export replication information in txt file
Repadmin Replsummary
Enabling the outbound replication
Guys please don’t forget to like and share the post. You can also share the feedback on below windows techno email id.
If you have any questions feel free to contact us on admin@windowstechno.com also follow us on facebook@windowstechno to get updates about new blog posts.
