Domain Time II Thin Client: Documentation

Domain Time II v4.1

Documentation

Installation

FAQ

Page Index

Documentation\Configuration\Clients\Windows\Thin Client

Domain Time II Thin Client
Version 4.1

The Domain Time II Thin Client is a fully automatic time client that runs as a background service on Windows systems. It is designed to be a "zero-administration" service.

The Thin Client has no user-definable configuration options (however, certain variance reporting, clock training, and broadcast address subnet features can be set by an administrator using the Domain Time II Manager program).

Thin Client Installation

Thin Client Registry Settings

Finding a server

The Thin Client only uses the Domain Time II protocol and attempts to automatically find and synchronize with a Domain Time II Server using either UDP broadcast or by obtaining a server address from a DHCP server.

UDP Broadcast Method

Domain Time II protocol

Discovery Process

An automatic Domain Time client will perform a local network broadcast on UDP port 9909 to locate a Domain Time II Server. Note that UDP broadcasts sent to the local network usually do not cross routers.

Client sends UDP broadcast to discover servers

Domain Time II servers respond via the Domain Time II protocol to inform the client they are available to serve time.

Domain Time II Servers respond via Domain Time II protocol

The client then contacts and syncs with the server.

The client synchronizes with the server it found

If, however, your network structure has clients on a different subnet from the servers, you can tell the client to use the broadcast address of the server's subnet by using Domain Time II Manager to enter the additional broadcast subnet(s) in the Broadcast Addresses section of the Options remote control function. Alternately, you can enter the necessary broadcast subnet(s) into the BroadcastAddresses key in the client machine's registry.

However, altering the Broadcast Addresses in this way is somewhat cumbersome and creates additional network broadcast traffic. If you have machines that need to contact a time server on a different subnet, you should consider using either the Full Client or the DHCP server discovery method described below.

When additional broadcast addresses are defined for an automatic client, it will send broadcasts to those subnets. This diagram shows both a broadcast to the local subnet and a broadcast to a remote subnet being passed by the router.

Client sends UDP broadcast to designated subnets to discover servers

Domain Time II servers respond via the Domain Time II protocol to inform the client they are available to serve time.

The client then contacts and syncs with the server..

DHCP Method
The Thin Client also examines the time server options on any DHCP server it locates on its subnet. If the DHCP server is configured to provide the IP address of one or more time servers, then the Thin Client will automatically use those servers.

Any IP address for a time server can be assigned using the DHCP method, not just one on the local subnet. Use DHCP if you have time servers outside the local network that you wish Thin Client to use.

Note: It is not necessary to set the TCP/IP protocol to get its IP address from a DHCP server in order for the Thin Client to get a time server address. The Thin Client uses its own independent inquiry of the DHCP server to discover the time server options. Therefore DHCP discovery of time servers can be used on a machine with either a fixed or DHCP-assigned IP address.

See Using DHCP to Specify Time Servers for a detailed explanation of how Domain Time II Clients use DHCP.

An automatic Domain Time client with DHCP enabled will broadcast to locate a DHCP Server. Note that DHCP broadcasts usually do not cross routers.

DHCP Broadcast - Discover DHCP Server and Request Timeserver Address

If DHCP options 004 or 042 are configured, the DHCP server will respond with the IP address of the time server.

DHCP Server responds with IP address of the time server

The client then uses the IP address provided by the DHCP server to contact and sync with the designated time server, even across a router.

The client uses the IP address to sync with the time server

DTProbe Utility
The Domain Time II Management Tools include a handy utility called DTProbe to help you determine which time server a Domain Time II Client will use. See the Utilities page for instructions on how to use DTProbe.

Additional Security

Beginning with Domain Time II version 4.1, you have additional control over the configuration of the Thin Client which extends its excellent built-in security. You can now set restrictions on the kind of control messages the Thin Client responds to. These options can only be set by using Domain Time II Manager to connect to the Thin Client remotely.

Additional Options Use Domain Time II Manager to connect to the machine running the Thin Client by double-clicking on it in Manager's Browse list. On the Connected to screen, click the Options icon. This will bring up the Client Options screen (for a complete description of the Connected To... Client Options screen, see the Domain Time II Manager documentation).

Click the DT2 Commands button to bring up the Domain Time II Command Restrictions dialog. You can use these settings to restrict what kind of Domain Time II control and sync messages your server listens for on the network.

The default protocol restriction settings assure both maximum functionality and a high degree of security; in most cases you will have no need to adjust them from the defaults. Domain Time II components communicate with each other primarily through directed communication, and are therefore highly resistant to spoofing and malign interference.

The Domain Time II protocol command restriction capability is intended for use by system administrators in environments where an extra level of security is required. Using the restrictions list, you can determine exactly what Domain Time II protocol command messages the service is allowed to listen for. Think of the command restriction list as an application-level "firewall" allowing in only the desired Domain Time II commands and blocking any others. Keep in mind that the restriction list only affects incoming DTII protocol commands - outgoing commands are not affected.

Warning:
Disabling protocol commands can have unintended consequences on the operation of your entire time distribution network, including the prevention of cascade triggers and sync notifications, which may result in inaccurate clocks. Problems resulting from disabled protocol messages can be quite hard to troubleshoot later, particulary by the next system administrator after you. Make adjustments only if you understand and require them, and be sure you document the changes so you can maintain the consistency and smooth operation of your time network.

System Tray Applet

The Thin Client can display the System Tray Applet in the Start Bar system tray.^* The System Tray Applet provides visual and audible (if desired) confirmation that the system is correctly synchronized. It also allows a user the ability to trigger a time sync, launch other Domain Time II applications, turn the chimes features on or off, view the Activity Monitor, the client statistics, and drift graphs, etc.

Hint: Right-click the system tray icon to see the context menu.

You can also use the System Tray applet to check for and download new versions of the software (if your support contract is current). The logged-in user must have access to the Internet and also have rights to install software in order to check for new versions.

If you do not want the system tray applet to appear, it can be disabled from the System Tray menu. This feature can also be disabled by default during installation by changing the INI Defaults file.

Chime features
Thin Client has two different type of audio features:

Timeset Chime
Plays a sound whenever the Thin Client successfully sets its time from its time source. Useful for audible confirmation of time syncs If enabled, the sound will play whether or not there is a logged-in user. The default for this option is Chime Off.
Time of Day Chimes
This option will be unavailable if the Sytem Tray icon is not visible in the System Tray.
The Time of Day Chimes feature plays sound files at specific times of the day, such as every 15, 30 45 minutes and on the hour. There must be a logged-in user and the Domain Time II System Tray icon must be present in the Windows System Tray for the chimes to play. You must also have installed at least one free Domain Time II Chime Pack for this feature to work.
See the documentation for the System Tray Applet for complete instructions and to download free Domain Time II Chime Packs.

Not available on Windows Server Core

Windows Time Agent

When Domain Time II Thin Client is installed on a machine with the Windows Time service, the Domain Time II Windows Time Agent Control Panel Applet is also installed. The Windows Time Agent is a handy utility to configure the Windows Time service without using the arcane command-line utilities that ship with Windows. By default, Domain Time II Thin Client sets the Windows Time service to not manage the clock or participate in synchronization, however, there may be circumstances where you need to change the Windows Time configuration. The Windows Time Agent will allow you to easily set those options.

The Windows Time Agent can be started from its icon in the Control Panel.

Starting the Windows Time Agent from Control Panel

See the Windows Time Agent pages for complete information.

Proceed to the Thin Client Registry Settings page

Domain Time II Software distributed by Microsemi, Inc.
Documentation copyright © 1995-2024 Greyware Automation Products, Inc.
All Rights Reserved
All Trademarks mentioned are the properties of their respective owners.