000026593 - How to change NTP time for the enVision NIC appliance

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000026593
Applies To
RSA ACE/Server 5.2

RSA Authentication Manager 6.0

RSA Authentication Manager 6.1

enVision
NTP
time
appliance
Issue
How to change NTP time for the enVision NIC appliance

How to set an NTP time source for an RSA Authentication Manager (or ACE/Server)
Resolution

This article describes how to change the NTP timeserver for your enVision appliance or RSA Authentication Manager, without going through the registry or re-imaging the appliance. It is done using the Microsoft net time command.

From the command prompt use the net time command. This command will allow to change the NTP time to a server of your choosing. If you reboot the system, it will not revert back to the previous NTP server.

Example on how to use it:

C:\Documents and Settings\Administrator>net time /querysntp
The current SNTP value is: tock.usno.navy.mil

The command completed successfully.

C:\Documents and Settings\Administrator>net time /setsntp:tick.usno.navy.mil
The command completed successfully.

C:\Documents and Settings\Administrator>net time /querysntp
The current SNTP value is: tick.usno.navy.mil

The command completed successfully.

When complete, reboot the server.

For full information on using the net time command please contact Microsoft support. 


On Windows 2003 an alternate way to set the NTP time server is with the w32tm.exe command.
An external NTP time server should only be set on the RSA enVision ES, RC, D-Srv appliances.
All other RSA enVision appliances (A-Srv, LC) time sync with the D-Srv as the Domain Controller over the internal Private SWITCH nic interface (D-Srv default IP is 10.203.2.11).

To configure the time source.

w32tm.exe /config /manualpeerlist:XXX.XXX.XXX.XXX,0x8 /syncfromflags:MANUAL /reliable:yes /update
The command completed successfully.

The X's are the IP address of the time server or the FQDN of a time server such as time-a.nist.gov.  Separate multiple time server entries by comma(,).


To tell a computer that it should resynchronize its clock as soon as possible, throwing out all accumulated error statistics.

w32tm.exe /resync
Sending resync command to local computer...
The command completed successfully.

Check the results of the change in the Windows Event Viewer, looking at the System event messages from Source = W32Time
Look for a good System event message which states, The time provider NtpClient is currently receiving valid time data from XXX.XXX.XXX.XXX

Legacy Article IDa36639

Attachments

    Outcomes