Is there a way to use an authentication key when configuring Windows Time to point to a NTP Server that is not part of my domain? My situation is that I'm setting up a new Active Directory forest and I cannot find a way to use an authentication key when configuring the Windows Time service. I've read a couple articles about Active Directory clients using Kerberos to provide authentication within a domain, but what about the authoritative source in the domain (the PDC emulator)? Thanks in advance.
Asked
Active
Viewed 382 times
0
-
Out of curiosity, why do you want/need this? – joeqwerty May 05 '20 at 13:42
-
In an Active Directory environment, the domain controller that has the PDC Emulator role is the authoritative source of time in a domain/forest. The server should have a reliable source to get time from. That server is what I'd like to try to configure authenticated Windows Time (Windows' implementation of NTP) – user3271408 May 05 '20 at 14:15
-
Yes, I understand all that. I'm asking why you want/need authenticated NTP. – joeqwerty May 05 '20 at 14:29
-
That's more secure. – user3271408 May 05 '20 at 14:38
-
The way I do it is like this: the main router gets time from NTP Pool Servers, the internal Linux NTP server gets it from the router, main network Switch and PDC Emu get the time from the Linux NTP and computers get it from the PDC Emu. No need for any auth. – Overmind May 06 '20 at 07:03