Basic Operation of the Windows Time Service

ID: Q224799

The information in this article applies to:
  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Professional

SUMMARY

Windows 2000 uses a new time synchronization service to synchronize the date and time of computers running on a Windows 2000-based network. Synchronized time is critical in Window 2000 because the default authentication protocol (MIT Kerberos version 5) uses workstation time as part of the authentication ticket generation process.


MORE INFORMATION

The Windows Time Synchronization service (W32Time) is a fully compliant implementation of the Simple Network Time Protocol (SNTP) as detailed in IETF RFC 1769.

Basic Operation

  1. Client Boot


    1. The client contacts an authenticating domain controller.


      1. Packets are exchanged to determine the latency of communication between the two computers.


      2. W32Time determines what current time should be converged to locally, (the "target" time).


    2. The client adjusts the local time.


      1. If the target time is ahead of local time, local time is immediately set to the target time.


      2. If the target time is behind local time, the local clock is slowed (slewed) over the next 20 minutes to align the two times, unless local time is more than 2 minutes out of synchronization, in which case the time is immediately set


  2. Interval Checks


    1. The time server client performs periodic checks.


      1. The client connects to the "inbound time partner" (authenticating domain controller) once each "period."


      2. The initial period is eight hours.


    2. If the local time is off from the target time by more than two seconds:


      1. The interval check period is divided in half.


      2. This process is repeated at the next interval check until either:


        1. The local and target time remain within two seconds of each other, or


        2. The interval frequency is reduced to the minimum setting of 45 minutes.


      3. If accuracy is maintained within two seconds, the interval check period is doubled, up to a maximum period of eight hours.


  3. Time Convergence Hierarchy


    1. All client desktops nominate as their inbound time partner the authenticating domain controller (the domain controller returned by DSGetDCName()). If this domain controller becomes unavailable, the client re-issues its request for a domain controller.


    2. All member servers follow the same process.


    3. All domain controllers in a domain nominate the primary domain controller (PDC) Flexible Single Master Operation (FSMO) to be the inbound time partner.


    4. All PDC FSMOs in the enterprise follow the hierarchy of domains in their selection of an inbound time partner.


    5. The PDC FSMO at the root of the forest is authoritative, and can be manually set to synchronize with an outside time source (such as the United States Naval Observatory).


Additional query words: win2000hotds

Keywords : kbenv
Version : WINDOWS:2000
Platform : WINDOWS
Issue type : kbinfo


Last Reviewed: January 4, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.