How to Use PowerShell to Compare Local System Time with NTP Servers

Time synchronization is a pivotal element in the complex machine that is IT. Ensuring devices in a network have congruent times is vital for various functionalities and security protocols. This article delves into a PowerShell script designed to compare local system time with an NTP server, signaling whether the difference surpasses a stipulated threshold.

Background

As modern IT infrastructures evolve, the importance of time accuracy has amplified. Disparities, even as minor as a few seconds, can wreak havoc, causing application anomalies or jeopardizing security. IT professionals and Managed Service Providers (MSPs) must ensure accurate time synchronizations across devices. Our script serves as a tool to flag potential discrepancies.

The Script

#Requires -Version 5.1

<#
.SYNOPSIS
    Compares the local system time to an NTP server, returning an exit code of 0 if less than a 2 minute difference or 1 if more than 2 minute difference.
.DESCRIPTION
    Compares the local system time to an NTP server, returning an exit code of 0 if less than a 2 minute difference or 1 if more than 2 minute difference.
.EXAMPLE
    No parameters needed
    The maximum acceptable time difference of 2 minute.
.EXAMPLE
    -Max 5
    The maximum acceptable time difference of 5 minute.
.EXAMPLE
    -NtpServer "pool.ntp.org"
    The maximum acceptable time difference of 2 minute, but uses the ntp.org's pool and use the time server pool "pool.ntp.org".
    Alterative pools:
    time.google.com
    time.cloudflare.com
    time.facebook.com
    time.apple.com
    time.nist.gov
.OUTPUTS
    None
.NOTES
    Minimum OS Architecture Supported: Windows 10, Windows Server 2016
    Exit code 1: If the time is off more than Max
    Exit code 0: If the time is off less than or equal to Max
    Release Notes:
    Initial Release
By using this script, you indicate your acceptance of the following legal terms as well as our Terms of Use at https://www.ninjaone.com/terms-of-use.
    Ownership Rights: NinjaOne owns and will continue to own all right, title, and interest in and to the script (including the copyright). NinjaOne is giving you a limited license to use the script in accordance with these legal terms. 
    Use Limitation: You may only use the script for your legitimate personal or internal business purposes, and you may not share the script with another party. 
    Republication Prohibition: Under no circumstances are you permitted to re-publish the script in any script library or website belonging to or under the control of any other software provider. 
    Warranty Disclaimer: The script is provided “as is” and “as available”, without warranty of any kind. NinjaOne makes no promise or guarantee that the script will be free from defects or that it will meet your specific needs or expectations. 
    Assumption of Risk: Your use of the script is at your own risk. You acknowledge that there are certain inherent risks in using the script, and you understand and assume each of those risks. 
    Waiver and Release: You will not hold NinjaOne responsible for any adverse or unintended consequences resulting from your use of the script, and you waive any legal or equitable rights or remedies you may have against NinjaOne relating to your use of the script. 
    EULA: If you are a NinjaOne customer, your use of the script is subject to the End User License Agreement applicable to you (EULA).
#>

[CmdletBinding()]
param (
    [Parameter()]
    [int]
    $Max = 2,
    [Parameter()]
    [string]
    $NtpServer = "time.windows.com"
)

begin {}
process {
    Write-Host "Using NTP server($NtpServer) to get time."
    $TimeSample = w32tm.exe /StripChart /Computer:"$NtpServer" /DataOnly /Samples:1
    $Diff = $($($TimeSample | Select-Object -Last 1) -split ', ' | Select-Object -Last 1) -replace '+' -replace '-'
    $TimeScale = $Diff -split '' | Select-Object -Last 1 -Skip 1

    # Convert to minutes
    $Diff = switch ($TimeScale) {
        "s" { [double]$($Diff -replace 's') / 60 }
        "m" { [double]$($Diff -replace 'm') }
        "h" { [double]$($Diff -replace 'h') * 60 * 60 }
        "d" { [double]$($Diff -replace 'd') * 60 * 60 * 24 }
        Default {}
    }
    Write-Host "Time Difference between NTP server and local system: $($([Math]::Round($Diff,2))) minutes"

    if ($Max -lt 0) {
        # If Max is negative then flip the sign to positive
        $Max = 0 - $Max
    }

    # Only output this if -Verbose is used
    Write-Verbose "$($Diff) minutes > $Max minutes = $($Diff -gt $Max)"
    # Assuming that $Max and $Diff are positive
    if (
        $Diff -gt $Max
    ) {
        # If time difference > $Max then return exit code of 1
        Write-Host "Time is over the maximum minutes of $Max."
        exit 1
    }
    else {
        # If time difference < $Max then return exit code of 0
        Write-Host "Time is under the maximum minutes of $Max."
        exit 0
    }
}
end {}

 

Detailed Breakdown

• Cmdlet Binding & Parameters: The script uses the CmdletBinding attribute, allowing it to be used as a cmdlet and harness built-in PowerShell features. Two parameters are declared: $Max, the maximum acceptable time difference (defaulted to 2 minutes), and $NtpServer, the server to be checked (defaulted to time.windows.com).
• Process Block: The main logic is executed here.
• It fetches the time difference using w32tm.exe, a Windows command-line tool.
• Parses the fetched time, discerning the difference and its scale (seconds, minutes, etc.).
• Converts the time difference into minutes.
• Compares the computed difference to $Max, returning the appropriate exit code.

Potential Use Cases

Imagine an IT professional overseeing a vast network of devices across an enterprise. They’ve observed anomalies in applications logging timestamped actions. To diagnose, they deploy this script to spot devices with substantial time drifts. With the results, they can then make the necessary adjustments.

Comparisons

While there are GUI-based tools and third-party applications that offer time synchronization features, this script stands out due to its simplicity and adaptability. It can be integrated into existing IT workflows or automation tools, making it a versatile option.

FAQs

• Can I use different NTP servers?
  Yes, the script provides a default, but with the $NtpServer parameter, you can specify another server.
• What if I want a different time threshold?
  Modify the $Max parameter to the desired number of minutes.
• Is the script exclusive to Windows?
  The provided script is designed for Windows, particularly versions 10 and Server 2016 onward.

Implications

Time discrepancies might seem innocuous, but they can have profound implications. Disparate timestamps can undermine data integrity, affect scheduled tasks, and expose vulnerabilities. Attackers can exploit time gaps, so regular checks with tools like this script are crucial for IT security.

Recommendations

• Run the script at regular intervals to ensure continuous monitoring.
• Always check the validity of the NTP server being used.
• In case of discrepancies, investigate the root cause, as it could be symptomatic of larger underlying issues.

Final Thoughts

While scripts like these are invaluable, a comprehensive platform like NinjaOne can elevate your IT management. Integrating automated checks, monitoring, and remediation, NinjaOne can complement tools like our PowerShell script, ensuring your infrastructure remains both functional and secure.