Our NTP server is set up to use NTP keys. How can we configure Windows Server to communicate with our time server using the keys?

Solution 1:

w32time is not compatible with ntpd's symmetric key implementation. Meinberg cites Microsoft's MS-SNTP spec, in which packets either use the MS Netlogon-based auth extension or are unauthenticated. ntpd gained experimental mssntp support, but there is no guarantee it will be available on your NTP server.

The goal of NTP auth is to reduce the risk of an impostor NTP server serving the wrong time. When this is difficult to implement, use alternative controls at the network level.

Assuming you wish to continue running your NTP servers on non-Windows systems, remove the keys and use unauthenticated NTP. Domain controllers use it as an "internet" source. Protect the NTP server by restricting access to it. Use a private network for transport. Limit queries to allowed subnets with firewalls and possibly ntpd's restrict keyword.