When it comes to the appliances or clocks around the house, it does not really matter if the time is completely accurate. It is normal for them to be a few minutes off. However, with cellular phones and computers today, we have the expectation that the time (and especially the date) will be 100% accurate, without fail (or at least I have that expectation). It’s not just that this is “nice”: correct time and date are actually required for many enterprise infrastructure features to work. For example, servers and PC clients participating in Windows Active Directory must have the right date & time or else authentication will fail.
I have a server whose onboard battery is bad. If it loses power and comes back up, the date and time are wrong. The server boots up and appears to work; however, I cannot connect to it via RDP because of the significant date difference. This happens because, for the security certificates to validate, the dates on the server and client must be at least “close”. Also, with it being a domain controller, this time issue could cause the whole AD domain to be unable to authenticate.
What’s different in Windows 7 related to time and date?
Honestly, the Windows Vista and Windows 7 time and date configuration is very similar. By double-clicking on the taskbar clock you will bring up the Date and Time configuration where you will configure the date, time, timezone, additional clocks, and Internet time.
The only difference that I could find is the reminder for daylight savings time. In Windows Vista, the default is “Remind me one week before this change occurs”. With that setting, of course, you would get one week advance notice before the clock “springs forward” or “falls back”.
Figure 1: Windows 7 Date and Time Configuration
I do not think that one week’s notice is very helpful. Surely, you will forget that the time is going to change one week later. Microsoft must have felt the same way because in Windows 7, they changed this to just “Notify me when the clock changes”. Thus, you would just be alerted that it has changed. That is fine with me. I do not think that most of us need a one week notification.
Of course, the time and date that daylight savings time occurs in the United States changed in 2009 and the application of DST around the world is very different. Fortunately, Microsoft keeps track of that for us and makes these changes based on our Windows time zone settings.
Windows 2008 – before and after DCPROMO
With a Windows Server, time and date can be very different if you are using it as an Active Directory Domain Controller (ADDC).
A typical Windows 2008 server will, by default, look very much like the Windows 7 machine in Figure 1. All the same tabs, including Internet Time, are present. You can see this in Figure 2, below.
Figure 2: Windows 2008 Server before DCPROMO
However, what happens if you make that same Windows Server a DC?
After running a DCPROMO, if you go back into the same Date and Time tool, you will find that the Internet Time tab is missing. Take a look at this in Figure 3, below.
Figure 3: Windows 2008 Server After DCPROMO
Why is this? When a Windows Server becomes a domain controller, the default of obtaining the date & time via NTP from time.windows.com, over the Internet, goes away. The server becomes the root time server for all computers in the domain using Windows SNTP (Simple Network Time Protocol). The w32tm service (and CLI command) is what provides and controls this.
As you can see, on this server that is not an ADDC, the Windows Time service is set to manual and is not started.
Figure 4: Windows Time not started on default server
However, on the Windows Server in Figure 5, the Windows Time service is started and set to Automatic because this is an Active Directory Domain Controller.
Figure 5: Windows Time running on Domain Controller
Configuring a domain controller to use NTP
By default on a domain controller, the internal BIOS clock on the server is the source for date and time in the entire infrastructure. However, how do you know it is right?
In my opinion your domain controller should use NTP to go out to the Internet and sync its date and time with the world’s authoritative NTP servers. Unfortunately, you have to use the Windows registry editor and edit 6 registry entries to do this. In my opinion it should be easier to do this by having a GUI available but today you’ll have to edit the registry.
Fortunately, there are a couple of good articles to walk you through this, step by step:
- WindowsNetworking’s Mitch Tulloch’s article – Configuring the Windows Time Service
- Microsoft TechNet’s How to configure an authoritative time server in Windows Server
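As an added example (not taken from either linked article), the built-in w32tm command can apply the same kind of settings without hand-editing the registry, and then confirm that the domain controller really is tracking an outside source. The pool.ntp.org peers are placeholders and the 300-second threshold assumes the default Kerberos clock tolerance of 5 minutes.

```powershell
# Added example: run in an elevated PowerShell session on the domain controller
# that acts as the domain's root time source.
# ASSUMPTION: the pool.ntp.org peers are placeholders; use your approved NTP sources.
$peers          = '0.pool.ntp.org,0x8 1.pool.ntp.org,0x8'   # 0x8 = client mode
$maxSkewSeconds = 300   # ASSUMPTION: default Kerberos clock tolerance (5 minutes)

# Sync from the manual peer list and advertise this DC as a reliable time source.
$peerArg = "/manualpeerlist:$peers"
w32tm /config $peerArg /syncfromflags:manual /reliable:yes /update
Restart-Service -Name w32time
w32tm /resync /rediscover

# Show which source the service actually selected and its current state.
w32tm /query /source
w32tm /query /status

# Measure the offset against the first peer without changing the local clock.
$target  = ($peers -split ' ')[0] -replace ',0x8$', ''
$samples = w32tm /stripchart /computer:$target /samples:5 /dataonly |
    ForEach-Object { if ($_ -match '([+-]\d+\.\d+)s\s*$') { [double]$Matches[1] } }

if (-not $samples) {
    # Sample lines that report an error carry no offset, so nothing was parsed.
    Write-Warning "No NTP samples from $target (check DNS and outbound UDP 123)."
} else {
    $worst = ($samples | ForEach-Object { [math]::Abs($_) } |
        Measure-Object -Maximum).Maximum
    if ($worst -gt $maxSkewSeconds) {
        Write-Warning ("Offset {0:N3}s exceeds {1}s; authentication may fail." -f $worst, $maxSkewSeconds)
    } else {
        "Offset {0:N3}s is within {1}s of {2}." -f $worst, $maxSkewSeconds, $target
    }
}
```

If `w32tm /query /source` still reports the local CMOS clock after the resync, the peers were not reachable and the server is free-running on its hardware clock again.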
Proper time and date configuration on both servers and clients is critical in any Windows network. By default, both Windows clients and servers will connect to time.windows.com and sync date and time using NTP. Administrators must, of course, set the timezone correctly and verify that time is syncing correctly. Of course, for that to happen, PCs must have network communication, internet access, firewall ports open for NTP, and DNS. Finally, you need to know that if your server becomes a domain controller, it no longer gets its time & date from the Internet via NTP. Domain controllers become the root time source for the Windows network and the Windows Time service starts.