Windows Time Service Technical Reference

Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows 10 or later

The W32Time service provides network clock synchronization for computers without the need for extensive configuration. The W32Time service is essential to the successful operation of Kerberos V5 authentication and, therefore, to AD DS-based authentication. Any Kerberos-aware application, including most security services, relies on time synchronization between the computers that are participating in the authentication request. AD DS domain controllers must also have synchronized clocks to help to ensure accurate data replication.

Note

In Windows Server 2003 and Microsoft Windows 2000 Server, the directory service is named Active Directory directory service. In Windows Server 2008 R2 and Windows Server 2008 , the directory service is named Active Directory Domain Services (AD DS). The rest of this topic refers to AD DS, but the information is also applicable to Active Directory Domain Services in Windows Server 2016.

The W32Time service is implemented in a dynamic link library called W32Time.dll, which is installed by default in %Systemroot%\System32. W32Time.dll was originally developed for Windows 2000 Server to support a specification by the Kerberos V5 authentication protocol that required clocks on a network to be synchronized. Starting with Windows Server 2003, W32Time.dll provided increased accuracy in network clock synchronization over the Windows Server 2000 operating system. Additionally, in Windows Server 2003, W32Time.dll supported a variety of hardware devices and network time protocols using time providers.

Although originally designed to provide clock synchronization for Kerberos authentication, many current applications use timestamps to ensure transactional consistency, record the time of important events, and other business-critical, time-sensitive information. These applications benefit from time synchronization between computers that are provided by the Windows Time service.

Importance of Time Protocols

Time protocols communicate between two computers to exchange time information and then use that information to synchronize their clocks. With the Windows Time service time protocol, a client requests time information from a server and synchronizes its clock based on the information that is received.

The Windows Time service uses NTP to help synchronize time across a network. NTP is an Internet time protocol that includes the discipline algorithms necessary for synchronizing clocks. NTP is a more accurate time protocol than the Simple Network Time Protocol (SNTP) that is used in some versions of Windows; however, W32Time continues to support SNTP to enable backward compatibility with computers running SNTP-based time services such as Windows 2000.

This guide does not discuss configuring the Windows Time service. There are several different topics on Microsoft TechNet and in the Microsoft Knowledge Base that do explain procedures for configuring the Windows Time service. If you require configuration information, the following topics should help you locate the appropriate information.

Important

Prior to Windows Server 2016, the W32Time service was not designed to meet time-sensitive application needs. However, updates to Windows Server 2016 now allow you to implement a solution for 1ms accuracy in your domain. For more information about, see Windows 2016 Accurate Time and Support boundary to configure the Windows Time service for high-accuracy environments for more information.