Castro cjaBadge
11

Comments

Best way to set multiple NTP servers in 10.7.x and 10.8.x?

Posted 3/18/13 at 11:35 AM by Castro

Hello,

I've come across a couple of ways to set a single (ex. time.apple.com) NTP server, however I need to set two servers- one for the internal network (a Domain Controller) and a secondary for when users are off of the network (time.apple.com).

I've tried modifying the /etc/ntp.conf file to include a second and third line, and it shows up in the Date & Time Preference Pane (same line, comma separated), but it doesn't work; when I'm on the network, time is synced, but off of the network, time.apple.com isn't used. Any suggestion? Thanks.

11

Comments

ericbenfer
Posted 3/18/13 at 3:00 PM by ericbenfer

What happens if you manually put in the two NTP severs in System Settings?

That said, here is the script I used when I had to do this. I just tested and verified (on one Mac) this still works under 10.8.3. It synced time internally to my Domain controller and externally to time.apple.com.

I used this script in the build process with the priority set to "At Reboot".

#!/bin/bash
#
# The purpose of this script is to set the NTP time servers if you require more than one.
# For instance you may want to use an internal domain controller as the first time server,
# and time.apple.com as the second time server.
# The command "systemsetup -setnetworktimeserver" only allows you to specify one time server.
# So I add a second time sever to /private/etc/ntp.conf with the echo command.
# 220, 221 whatever it takes.
#
# Feel free to edit this script as needed.

## Variables
TimeServer1="yourNTP.compay.com"
TimeServer2="time.apple.com"

############# Pause for network services #############
/bin/sleep 20
######################################################

# Ensure we are running this script as root
if [ "`whoami`" != "root" ] ; then
/bin/echo "script must be run as root"
exit
fi
#

/usr/sbin/systemsetup -setnetworktimeserver "${TimeServer1}"
/bin/echo server "${TimeServer2}" >> /private/etc/ntp.conf
/usr/sbin/systemsetup -setusingnetworktime off
/bin/sleep 2
/usr/sbin/systemsetup -setusingnetworktime on
/bin/cat /private/etc/ntp.conf

exit 0

Lotusshaney
Posted 3/19/13 at 11:23 AM by Lotusshaney

Systemsetup has been around for ages. Use the -setnetworktimeserver option with a comma between each server

systemsetup -setnetworktimeserver company.timeserver.com,time.apple.com,time.microsoft.com

Dan

Castro cjaBadge
Posted 3/19/13 at 12:48 PM by Castro

Thank you both for your replies- I will test them today.

Vincent

ericbenfer
Posted 3/19/13 at 2:01 PM by ericbenfer

Yeah, forget my complicated script. Use systemsetup to add the servers.

I think I tried adding two servers with systemsetup way back in 10.5 or 10.4 and it did not work. So I had to edit the ntp.conf. Happy to see it works now.

:-)
Eric

SeanA ccaBadge
Posted 3/19/13 at 4:21 PM by SeanA

Rich,
Which option (of the three you mention in your post) do you use?

If you use the script option, are the time servers separated by spaces, commas, or both?

When I use the script option, the time servers are separated by a space and a comma (not a single space). From Greg’s example and my research with Apple, I am led to believe that the time servers need to be separated by a space in order for it all to work.

Castro cjaBadge
Posted 3/19/13 at 6:21 PM by Castro
Solved Solved

all,

thanks for all of the replies! i am using the script below, and it seems to be working for us. thanks again!

vincent



#!/bin/sh

#Primary Time server for Company Macs
TimeServer1=DC1.company.com
#Secondary Time server for Company Macs
TimeServer2=DC2.company.com
#Tertiary Time Server for Company Macs, used outside of Company network
TimeServer3=time.apple.com

# Set the primary network server with systemsetup -setnetworktimeserver
# Using this command will clear /etc/ntp.conf of existing entries and
# add the primary time server as the first line.
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer1

# Add the secondary time server as the second line in /etc/ntp.conf
echo "server $TimeServer2" >> /etc/ntp.conf

# Add the tertiary time server as the third line in /etc/ntp.conf
echo "server $TimeServer3" >> /etc/ntp.conf

rtrouton cmaBadge ccaBadge
Posted 3/20/13 at 7:49 AM by rtrouton

Sean,

I'm using this option:


#!/bin/sh

#Primary Time server for Company Macs
TimeServer1=ns0.time.server
#Secondary Time server for Company Macs
TimeServer2=ns1.time.server
#Tertiary Time Server for Company Macs, used outside of Company network
TimeServer3=time.apple.com

# Set the primary network server with systemsetup -setnetworktimeserver
# Using this command will clear /etc/ntp.conf of existing entries and
# add the primary time server as the first line.
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer1

# Add the secondary time server as the second line in /etc/ntp.conf
echo "server $TimeServer2" >> /etc/ntp.conf

# Add the tertiary time server as the third line in /etc/ntp.conf
echo "server $TimeServer3" >> /etc/ntp.conf


FastGM3
Posted 3/20/13 at 11:00 AM by FastGM3

For what it's worth. While working on a time drift issue with an Apple SE, he informed me my script need a . at the end of any FQN in NTP.conf. Here's his message.

Chuck,

"Just one more thing…"

And it's important.

=> FQDNs in ntp.conf "server" declarations need to be terminated with a period, just like in DNS zone. Not IP addresses, just FQDNs. <=

So your file should really look like this:

server 123.345.6.7
server time.apple.com.

I believe the example I sent you earlier did not have that period, but I did another test, and the GUI does -not- add it in for you when you save.

I discovered this: if you enter an FQDN into the GUI interface by hand), it does not add the period for you, but it does add a period if you choose one of the apple.com selections from the popup, even though the GUI choice does not display with a period. That is, if you're using the GUI and entering an FQDN by hand, you've gotta know to put that period in there.

It would be a nice implicit warning to people if the popup selections in the GUI terminated their FQDNs in a period, ie:

Apple Americas (time.apple.com.)

instead of:

Apple Americas (time.apple.com)

I've passed that thought along.

Thanks and regards

Ben W Thomas
Senior Support Engineer
Apple Enterprise Technical Support
Austin, TX"


So my script looks like this

#!/bin/sh

#Primary Time server for Company Macs
TimeServer1=123.345.6.7
#Secondary Time server for Company Macs
TimeServer2=time.apple.com.


# Set the primary network server with systemsetup -setnetworktimeserver
# Using this command will clear /etc/ntp.conf of existing entries and
# add the primary time server as the first line.
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer1

# Add the secondary time server as the second line in /etc/ntp.conf
echo "server $TimeServer2" >> /etc/ntp.conf

rtrouton cmaBadge ccaBadge
Posted 3/20/13 at 11:12 AM by rtrouton

Not to doubt the wisdom of Apple Enterprise Support, but a terminating period has not been needed in my experience. All of my NTP servers are listed with FQDNs, including time.apple.com and my clients are checking in without issues to our network time servers.

jelockwood
Posted 1/21/14 at 9:43 AM by jelockwood

The copy of ntp.conf provided as standard by Apple does have the FQDNs terminated by a full-stop, however as rtrouton indicates this is not necessary and can be proven by the fact that when you use the GUI in System Preferences -> Date & Time to set an NTP server it does not put a full-stop at the end.

The command systemsetup -setnetworktimeserver only allows specifying a single NTP server, no mixture of commas or spaces or quotes gets round this. Hence the scripts that append an entire line to the file rather than using the systemsetup command for both entries. I have posted a feature request with Apple to 'fix' this.

A consequence of systemsetup not allowing directly setting multiple NTP servers is that the workflow step in DeployStudio is also limited to defining a single NTP server since behind the scenes it is using the systemsetup command. To get round it you would like discussed here have to use a script or copy over a pre-built ntp.conf file.

By the way, the GUI in System Preferences -> Date & Time does let you specify multiple NTP servers and it correctly parses this and write it in correct format i.e. multiple lines to ntp.conf