For the purposes of this exercise, we can think of the time service as being composed of two parts: The 'client piece' and the 'server piece'. The client piece is responsible for locating another time source and keeping the local clock synchronized. When the 'client piece' makes a request for a time sample, the sample that is returned will be used to improve the accuracy of the local clock, assuming that the sample passes all validation steps. The server is responsible for answering requests from other NTP clients. When another computer or device makes a request for a time sample, the 'server piece' will formulate a response based on the clock of the local computer, which is (hopefully) being made more accurate by the 'client piece'. The point here is to show that although the 'client piece' and the 'server piece' are encapsulated into the same service, they can be seen as two separate entires linked together by the clock on the local machine.
By default, the 'server piece' is turned off, but in some cases the w32time service may already be configured to act as a time source (having the 'server piece' turned on). Specifically, if the machine is acting as a domain controller, then the 'server piece' is already turned on. When a machine is promoted to a domain controller, part of the dcpromo process it to enable the 'server piece' time service. You can verify if the server is turned on by running the following command:
w32tm /query /configuration
Keep in mind that you will need to be elevated to run this command. When you execute this, you will get back a laundry list of configuration settings. We are specifically interested in the NtpServer section:
NtpServer (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)
The third line will specify whether or not the NtpServer (aka the 'server piece') is turned on. If Enabled is 1, then it's on. If you see that Enabled is 0, then it is off. If you aren't running Vista or Server 2008, you can query the registry directly:
reg query HKLM\system\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer
You should see an entry that looks something like the following:
Enabled REG_DWORD 0x1
As before, 1 is on, 0 is off. You can turn on the NtpServer at any time by running the following commands:
reg add HKLM\system\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer /v Enabled /t REG_DWORD /d 0x1 /f
w32tm /config /update
The first command will change the Enabled flag in the registry to 1 (turning on the NtpServer), then the second command will tell the w32time service that the configuration in the registry need to be re-read, to make the changes active. You can confirm that the NtpServer is in fact running by calling w32time again:
w32tm /query /configuration
If you see enabled is 1, then you are good to go. If not, take a look at the registry using either regedit or the reg command to ensure that the change really made it into the registry.
As usual, If you have specific thoughts or questions about this post, please feel free to leave a comment. For general questions about w32time, especially if you have problems with your w32time setup, I encourage you to ask them on Directory Services section of the Microsoft Technet forums.
