NTP not synchronized on Advanced Threat Protection

book

Article ID: 171796

calendar_today

Updated On:

Products

Advanced Threat Protection Platform

Issue/Introduction

NTP shows as not synchronized when running status_check on the Advanced Threat Protection's (ATP) Command Line Interface (CLI).

Service NTPD status - FAILED. Some possible causes and recommendations:
1. NTP is misconfigured on the ATP appliance.  Check  your appliance settings.
2. Network connectivity problems.   Re-evaluate your network and firewall rules.
3. NTP server issue.  Verify the functionality of the NTP server.


NTP                                             NOT synchronized!
                                                Please fix NTP configuration, else
                                                the appliance may not function properly.

Cause

The Root Dispersion of 10.0s is higher than the expected 1.5s

Environment

You're using an internal Windows NTP source such as your Domain Controller (DC)

Running the command w32tm /query /status on the NTP source produces output similar to the following:

Leap Indicator: 0(no warning)
Stratum: 1 (primary reference - syncd by radio clock)
Precision: -6 (15.625ms per tick)
Root Delay: 0.0000000s
Root Dispersion: 10.0000000s
ReferenceId: 0x4C4F434C (source name: "LOCL")
Last Successful Sync Time: 5/25/2018 2:15:25 AM
Source: Local CMOS Clock
Poll Interval: 6 (64s)

 

Resolution

if the time servers is a DC, change 

*HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config\*

LocalClockDispersion from 10 to 0