Is this supported or possible in Windows 2000?
I've managed to edit the registry to point at my local NTP server and
this works fine. The NTP host supports MD5 authentication and,
ideally, I'd like the Windows 2000 client to use this when requesting
from the NTP server.
It doesn't seem to be supported. XP and newer Windows systems that
speak NTP to each other through w32time use Kerberos session keys to
do symmetric-key authentication of NTP packets. This is roughly the
same as using symmetric-key MD5 authentication in ntpd, but the keys
have already been exchanged through Windows Active Directory
credentials, so no further configuration is required.
However, there does not seem to be a way to get authenticated time
from an ntpd server into w32time unless a lower-layer protocol like
IPsec is used to wrap the NTP traffic.
See "NTP Security" section in the reference documentation from
MIcrosoft:
http://technet2.microsoft.com/windo...cce2-4c82-b3ea-3b95d482db3a1033.mspx?mfr=true
To get what you want on Windows 2000, I would install the Windows
version of ntpd from Meinberg, and use their Time Server Monitor
program to manage and congfigure it:
http://www.meinberg.de/english/sw/ntp.htm