Microsoft NTP servers suffer hiccups

For over 24 hours, Microsoft's time servers were not giving Windows PCs and servers the right time.

Sometime on the morning of April 3, Microsoft's Network Time Protocol (NTP) servers went haywire. At first, Microsoft's NTP server (time.windows.com) reported the time being an hour later than it should have been. Then, the site went offline. Finally, 24 hours later, the time server came back online with the right time.

Clock

Microsoft's time keeping when awry for over a day.

Photo: Joe McKendrick

What happened? We don't know, and Microsoft isn't saying. Microsoft has yet to return emails about the matter.

Here's what Microsoft's NTP server looked liked at first using the Linux ntpdate command:

$ ntpdate -q time.windows.com server 13.79.154.18, stratum 16, offset 16.852572, delay 0.03661

The telltale sign that's something's badly wrong is "stratum 16". This tells an NTP administrator that the NTP server isn't synchronized with a clock. As you might imagine, if you're trying to set your computer time without a clock, you're in deep trouble.

Later, Microsoft switched time.windows.com to a new domain address. That didn't work out well either.

3 Apr 10:50:13 ntpdate[25672]: no server suitable for synchronization found

By the EDT afternoon, Microsoft had fixed whatever the root problem was and the time was being set correctly.

In the aftermath, you may see a variety of errors on your Windows systems ranging from fouled-up log posts to oddball email date and time stamps. So, if you see some odd time errors in your other programs, you can blame time.windows.com for the foul-ups.

To prevent this kind of bug from messing up your systems, I suggest not relying solely on time.windows.com for your network time-keeping. You can do this from Windows' cmd interface with the following commands on your domain controller (DC):

w32tm.exe /config /manualpeerlist:"time.nist.gov time.windows.com 0.us.pool.ntp.org 1.us.pool.ntp.org 2.us.pool.ntp.org" /syncfromflags:manual /reliable:YES /update

w32tm.exe /config /update

Restart-Service w32time

This set of commands makes your machines use the NIST, Microsoft, and three US NTP Pool servers to set their time.

You might also want to consider running your own NTP server and clock. To do this, you can even use a Raspberry Pi to build a reliable NTP server.

If you're running Linux servers, I also suggest moving from NTP, which has not been well-maintained, to the newer and more secure NTPSec.

Related Stories:

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All