Using the NTP Pool on Windows to Keep Your Clock Set, WITHOUT Additional Software

One thing that annoys me is huge companies that ignore time issues. Several of my clients have had huge networks across multiple timezones, and they wondered why logging times in the database were always off, everyone was logging in their local time, making it impossible to correlate logs.

First making sure the time is right on a single machine

This approach requires GPEDIT.MSC, which means that you can use it for a single machine or a domain, it will work on any windows machine that has GPEDIT.MSC, that also has windows time service installed.

• go to the NTP Pool project home page, and find your list of servers for your continental region.
  
• Launch gpedit (start/run/"gpedit.msc")
• open to the following node, Computer Configuration/administrative templates/System/Windows time service/Time providers
• double click "Configure Windows NTP Client"
• choose the "enable" radio button
• change the NTP server to your appropriate continental region, such as 0.pool.ntp.org, if there is a ",0x1" behind your original server leave it. In the case of my machine in north america it looks like this 0.north-america.pool.ntp.org,0x9
• change the "Type" drop down to "NTP"
• click the "Next Setting" button in the upper right corner.
• choose the "Enable" radio button
• click "OK", then close all the way out.

There, now you have configured 1 machine to keep its time from the ntp pool. IF your network allows NTP traffic, then this policy can be applied to the entire domain. To make sure all machines on the network are correct, it is critical that ALL domain controllers are set this way. If you let each layer of network controllers sync to the previous level, there will be up to a 5 minute drift in either direction. I have seen XP machines that were "synced" to the domain suddenly set clocks back 15 minutes because of 3 layers of domain controllers.

The best solution for large networks is to setup a high accuracy NTP server, and use its address for the above policy for your domain controllers (and any other network items you might need to set like a PBX). Personally, I recommend 1 of these servers per site, with the list of continental servers from the pool as the backup servers. I also recommend "paying it forward". If you choose to setup an internal NTP server, expose the service and join the pool, so more servers share the load.

I also recommend that all servers are permanently set to UTC time (GMT without daylight savings). This way things like SQL Server columns that have getdate() as the default aren't being set to local time, but rather UTC time, which you can then use to translate to ANY local time.