Windows NT
Last update: April 3, 2024 18:24 UTC (fe4830d85)
Introduction
The NTP 4 distribution runs as service on Windows 2000 and later. It will NOT run on Windows 95, 98, ME, etc. Lately it has been run the most on Windows-7 and later. The binaries work on multi-processor systems. This port has not been tested on the Alpha platform. This release now uses OpenSSL for authentication. A ready-to-run install distribution is available from Meinberg.
Users should note that the stock Windows client sends requests as mode-1 packets, which can have unintended consequences and create a security risk. The client should send requests as mode-3 (client) packets, which conform to the protocol specification. The issues and resolution are described in Microsoft KB 875424. A less desirable alternative that avoids changing registry keys is to use the --with-wintime
option when building the executable.
Authentication Keys
With this release ntp-keygen
is supported. See the ntp keygen documentation for details on how to use ntp-keygen
.
ntpd
can now use the generated keys in the same way as on Unix platforms. Please refer to the Authentication Options for details on how to use these.
NOTE: ntpd
and ntp-keygen
both use OpenSSL which requires a random character file called .rnd
by default. Both of these programs will automatically generate this file if they are not found. The programs will look for an environmental variable called RANDFILE
and use that for the name of the random character file if the variable exists. If it does not exist it will look for an environmental variable called HOME
and use that directory to search for a file called .rnd
in that directory. Finally, if neither RANDFILE
nor HOME
exists it will look in C:\
for a .rnd
file. In each case it will search for and create the file if the environmental variable exists or in the C:\
directory if it doesn’t.
Note that ntpd
normally runs as a service so that the only way that it will have either RANDFILE
or HOME
defined is if it is a System environmental variable or if the service is run under a specific account name and that account has one of those variables defined. Otherwise it will use the file c:\.rnd
. This was done so that OpenSSL will work normally on Win32 systems. This obviates the need to ship the OpenSSL.exe
file and explain how to generate the .rnd
file. A future version may change this behavior.
Refer to Compiling Requirements and Instructions for how to compile the program.
Reference Clocks
Reference clock support under Windows NT is tricky because the IO functions are so much different. Some of the clock types have been built into the ntpd
executable and should work but have not been tested by the NTP project. If you have a clock that runs on Win32 and the driver is there but not implemented on Win32 you will have make the required configuration changes in config.h
and then build ntpd
from source and test it. The Undisciplined Local Clock (Type 1) reference clock is known to work and is supported by Windows NT.
Functions Supported
All NTP functions are supported with some constraints. See the TODO list below. Note that the ntptrace
executable is not supported and you should use the PERL script version instead.
Accuracy
Greg Brackley has implemented a fantastic interpolation scheme that improves the precision of the NTP clock using a realtime thread (is that poetic or what!) which captures a tick count from the 8253 counter after each OS tick. The count is used to interpolate the time between operating system ticks.
On a typical 200+ MHz system NTP achieves a precision of about 5 microseconds and synchronizes the clock to +/-500 microseconds using the Trimble Palisade as UTC reference. This allows distributed applications to use the 10 milliseconds ticks available to them with high confidence.
ToDo
These tasks are in no particular order of priority.
- Add IPv6 support (UPDATE: available in newer binaries from Meinberg).
- See if precision can be improved by using CPU cycle counter for tick interpolation.
- Make precision time available to applications using
NTP_GETTIME API
.
Compiling Requirements
- Windows 7 or Windows.NET Server 2003, or later.
- Windows NT 4.0 Windows 2000, Windows XP or Windows Vista may still work.
- Microsoft Visual C++ 2008, 2010, or 2013 EE.
- Some way of uncompressing and untarring the gzipped tar file.
- OpenSSL must be built on the box before building NTP. Additional steps would be required to not use OpenSSL.
- Microsoft Visual C++ redistributables.
Compiling Instructions
-
Install Microsoft Visual C++ redistributables.
-
Install OpenSSL full installer for Windows. Add the following to your system environment variables in the control panel (adjusting paths as appropriate to point to the directory containing only an openssl subdirectory, for OPENSSL_INC
, and to the directory containing openssl .lib
files for OPENSSL_LIB:
OPENSSL_INC=C:\OpenSSL\include
OPENSSL_LIB=C:\OpenSSL\lib
-
Unpack the NTP-4.x.tar.gz
using utilities such as WinZip or WinRar.
-
Run Microsoft Visual C++ 2008 EE.
-
Open the ports\winnt\vs2008\ntp.sln
solution file.
-
Batch build all projects (Build menu, Batch Build…, select all, build).
-
The built binaries can be found in the ports\winnt\v2008\Win32-bin\Release
directory.
-
If you are shipping binaries in a kit it is strongly recommended that you ship this file along with the binaries.
Configuration File
The default NTP configuration file path is %SystemRoot%\system32\drivers\etc\
. %SystemRoot%
is an environmental variable that can be determined by typing set
at the Command Prompt or from the System icon in the Control Panel.
Refer to your system environment and create your ntp.conf
file in the directory corresponding to your system installation. The older <WINDIR>\ntp.conf
is still supported but you will get a log entry reporting that the first file wasn’t found.
Installation Instructions
The instsrv
program in the instsrv
subdirectory of the distribution can be used to install ntpd
as a service and start automatically at boot time. instsrv
is automatically compiled with the rest of the distribution if you followed the steps above.
-
Start a command prompt and enter instsrv.exe <pathname_for_ntpd.exe>
.
-
Clicking on the Services icon in the Control Panel will display the list of currently installed services in a dialog box. The NetworkTimeProtocol service should show up in this list. Select it in the list and hit the Start button in the dialog box. The NTP service should start.
-
You can also stop and start the service by typing net start | stop NetworkTimeProtocol
at the DOS prompt.
-
View the event log by clicking on the Event Viewer icon in the Administrative Tools group, there should be several successful startup messages from NTP. NTP will keep running and restart automatically when the machine is rebooted.
You can change the start mode (automatic/manual) and other startup parameters corresponding to the NTP service in the Services dialog box if you wish.
Removing NTP
You can also use instsrv
to delete the NTP service by entering: instsrv.exe remove
.
Command Line Parameters and Registry Entries
Unlike the Unix environment, there is no clean way to run ntpdate
and reset the clock before starting ntpd
at boot time. NTP will step the clock up to 1000 seconds by default. While there is no reason that the system clock should be that much off during bootup if ntpd
was running before, you may wish to override this default and/or pass other command line directives.
Use the registry editor to edit the value for the ntpd
executable under LocalMachine\System\CurrentControlSet\Services\NTP
.
Add the -g
option to the ImagePath
key, behind %INSTALLDIR>\ntpd.exe
. This will force NTP to accept large time errors (including 1.1.1980 00:00).
Bug Reports
Please follow the NTP Bug Reporting Procedures to report bugs or request enhancements.