Symmetric key support for SHA256 and SHA512 for DT2 and NTP
protocols. NOTE: Only MD5 and SHA1 are universally supported
by NTP appliances. Your NTP time source may or may not support
SHA256 or SHA512 hash types.
Added symmetric key type name (MD5, SHA1, etc) to all dropdown
lists of key numbers. This is a cosmetic change to help identify
the type of key being chosen.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
Control Panel Applet
Fixed problem with right-click popup menu
on the time sources list on multi-monitor displays.
5.2.b.20240425 - Optional Upgrade
Minor fixes and enhancements.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
DTServer
Fix for PTP master announce stepsRemoved field
when the registry NTP Server Stratum value is non-zero.
Audit Server
Changed display in audit reports from using
scientific notation to decimal representation (only affects very
small values; for example using 0.000050 instead of 5e-5).
Changed mechanism for obtaining reference time
when using "Use this machine's list of time sources" and the
audit machine is a PTP slave, to use the current PTP master's IP,
offset, and stratum instead of querying the list of NTP or DT2
sources. If the audit machine doesn't happen to be a PTP slave, then
the normal use of listed sources operates as before. This change
affects the Audit Server's log file as well as Audit Result reports.
Manager and Monitor
Same change as detailed above for Audit Server in regards to reporting
the source of the reference time.
Control Panel Applet
On the Obtain the Time/Correction Limits page, the Reset to Defaults button
was not resetting the excess latency checkbox or associate value.
Fixed production of zero-length ptpMasters.txt when the CPL's focus is
set to a remote machine. This only affects generation of file(s) for
inclusion in sending a Problem Report from the Support page.
All Products
Microsemi-branded versions of all products, including DTLinux: Changed to
remove Microsemi logo and replace Microsemi name and contact information
to Microchip (Microsemi's parent company).
5.2.b.20240101 - Optional Upgrade
Two minor fixes in DTCheck; one enhancement to Audit Server.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
Audit Server
Changed interpretation of Audit Server's
email subject lines (found at HKEY_LOCAL_MACHINE\SOFTWARE\Greyware\Domain Time II Audit Server\Logs and Alerts\SMTP)
to allow substitution variables %date% and
%machinename% to be replaced by the current date
and reporting machine (respectively).
DTCheck
Fixed invalid character in the -variance
report output display.
Changed default Internet leap-seconds.list
source from IETF to IANA (IETF no longer supports the leap
seconds list).
5.2.b.20230302 - Optional Upgrade
Two minor changes to alerting and logging.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
Client/Server Server
Fixed sending out "bounds exceeded" SNMP trap
on first correction after startup when the checkbox for ignoring
startup is checked.
Changed messages about virtualization changes (for
example, live migration) from warning level to information level.
5.2.b.20221031 - Optional Upgrade
One important fix for Audit Server.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
Audit Server
Fix for Audit Server's Daily Drift CSV report mistakenly
interpreting DTLinux drift records as milliseconds instead of
nanoseconds.
Domain Time Server
Changed default for new installations of DTServer in slave mode (domain hierarchy) to
not use Windows RID-based authentication.
Drift Graphs
Changed text on drift graph display to say "N/A" instead of "unknown" when the
phase adjustment is either inapplicable to the type of graph, or the value is
zero.
5.2.b.20220714 - Optional Upgrade
Fixed a problem with formatting multiple recipients when sending email to GMail (Google
changed its header parsing rules). Enabled support for software RX timestamps on Win11
and Win2022 (Win10 and Win2019 already have support in place). Added Remote Scan feature
to DTServer, which can be used by Manager and Audit Server on large segregated networks.
Other minor enhancements.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
Manager
Added section to the Network Discovery dialog allowing you to
specify Remote Scan options. Remote Scan works by contacting Domain Time Servers
on other networks and having them perform a broadcast/multicast scan on Manager's
behalf. The remote Domain Time Server(s) must be running version 5.2.b.20220414 or
later, and must have Remote Scan enabled. Useful in complex networks where broadcast
and multicast queries cannot reach remote subnets. A Domain Time Server positioned
on the remote subnet can return a list of nodes visible to it.
Audit Server
Audit Server inherits the Remote Scan settings described above.
DTServer/DTClient
Increased number of retries obtaining domain/forest information
to account for lazy network startup in Win10/Win2019 and above.
Added Remote Scan (DTServer only) functionality. This allows
Manager and Audit Server to gather network information visible to the remote
DTServer. Functionality is disabled by default. To enable, use the Control Panel
applet's Security tab. Click the Commands... button and tick
the box for Remote Scan. This box will only appear on versions
of Domain Time Server 5.2.b.20220414 or later.
DTCheck
Changed -resetserial and -reload
to allow operation via authenticated UDP transaction on Windows machines (instead of stopping and
restarting the service). This capability is already built into DTLinux and DTClient/DTServer,
but dtcheck only used it on Linux nodes.
Added -remoteScan function (see Manager and DTServer above). This
function lets you test a remote Domain Time Server for compatibility, and shows the
information it would return if used by Manager/Audit Server.
Enhanced -interfaces command to display the NIC
internal clock frequency (when available).
Enhanced -stats2 command to display the type of
timestamping supported.
5.2.b.20220322 - Optional Upgrade
Minor fixes and enhancements.
Miscellaneous
Added Windows display version (the same as winver.exe shows)
to logs and startup banners, e.g., Windows 10 21H1 (display version)
instead of Windows 10 2009 (actual version number).
Fixed problem with dialog box upper-left small icon "sticking"
to most recently used icon.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
Manager
Added update of license files when upgrading a DTLinux client via
"push" update from Manager.
DTServer/DTClient Control Panel Applet
Added support for specifying syslog port number to override the default target port
514/udp. You may add :n, where n is the desired port number. For example: 10.1.1.1:777 (IPv4 literal),
[2600:1f18::1]:777 (IPv6 literal -- brackets are required), or mysyslogger.my.org:777 (DNS name). In all of
these examples, syslog output will be sent to port 777.
Added support for "Do not change audit group"
to the dropdown beside the "Always audit this machine" checkbox. Requires Audit Server 5.2.b.20220111
or later to work properly.
NTPCheck
Added -rtt switch to show originate and terminate timestamps,
and display total round-trip time. Ignored if -raw is not also specified. Ignored
if output is either -json or -csv.
DTCheck
Fixed typo in -help text.
Eliminated requirement for Remote Registry service for certain
operations targetting the local machine (specified by providing no target,
using the machine's NetBIOS name, using the IP 127.0.0.1, or the IP ::1).
Removed test routines for obsolete bc635/637 PCI clock cards.
SDK
Added atomic copy to GetPTPStats() to prevent rare
race condition.
Updated comments inside APITest.cpp to demonstrate how to get
the full path/filename of the loaded DLL, and how to convert hectonanoseconds to
either microseconds or milliseconds.
5.2.b.20210930 - Optional Upgrade
Minor fixes and enhancements.
DTLinux
See the CHANGELOG.txt file
for changes specific to DTLinux.
DTServer/DTClient
Customer request: Changed PTP Telecom subscription failure messages from
warning level to debug level as long as at least one of the provisioned masters is responding.
This is a cosmetic change, to keep from filling the log with warnings about Telecom masters
that are offline.
Control Panel applet
Fixed problem with screen lag on Win10 when moving the
Control Panel applet around the screen and system Performance Options ->
"Show window contents while dragging" is checked.
Fixed misidentification of Domain Time Client as Domain Time Server
when service registry key permissions are locked down too tightly.
5.2.b.20210630 - Optional Upgrade
Support for Windows 11 and Windows Server 2022.
Added support for "short" SHA secrets (SHA1 fewer than 40 hex chars, SHA256 fewer
than 64 hex chars, or SHA512 fewer than 128 hex chars). The new minimum length is
20 hex chars (10 bytes), although we recommend that you use the full length for
each SHA key type. Compatibility Note: If you create "short" SHA secrets
and export them to an older version of Domain Time, they won't be recognized as
the proper type. Upgrade all of your machines, both DTLinux and Windows, before
implementing short SHA secrets.
Added SecureZeroMemory (Windows) and equivalent function (DTLinux) to ensure that
symmetric key secrets are erased from memory after use.
Changed group policy handling of secrets to allow "short" SHA keys. To implement,
you must add a comment after the secret. For example, if you want an SHA1 secret
of 907386b0dd548acaed8b (shorter than the standard 40 hex chars required for SHA1),
you would enter it in the policy as "907386b0dd548acaed8b # SHA1"
so that Domain Time knows to treat it as SHA1. Compatibility Note: You must
upgrade any Windows machines using group policy for key distribution before creating
any short SHA group policy secrets, or using comments in the group policy settings.
Audit Server/Monitor Service
Fix for recent change in Microsoft's permissions for the Windows\Temp folder, where these two
services save their SMTP queue files. Upgrade will move the queue folder outside the Windows\Temp
hierarchy, and grant explicit read access to the email.log file in the new folder location.
You can make this change without upgrading by changing the location of the SMTP queue to a folder
on a local drive, and setting the permissions to FULL for SYSTEM and Administrators, and READ for
everyone else.
Manager
Added File -> Upgrade Remote Server & Manager menu item. This new dialog allows you
to upgrade Domain Time Server, Manager, management tools, services and DTLinux files on a remote
machine. This convenience function allows you to upgrade your main Management machine, and then push
that upgrade to any other Manager machines. In the past, you had to run Setup directly on each Manager
machine to upgrade.
Added check for tombstoned records when you change Active Directory enumeration from
tombstone to purge. If any tombstoned records exist when you make this change, Manager will offer to
delete the tombstoned records.
DTLinux
Several enhancements and fixes; also new security options.
See the CHANGELOG.txt file
for changes specific to DTLinux.
All Components
Switched to custom PRNG for determining the pseudo-random sequence ID field of DT2 commands.
Removed SSL/TLS test on check-for-update functions if the operating system is earlier than
Vista/2008r2. Older operating systems cannot meet the TLS requirements of our website.
Resized stats structure to include delta values of less than 1 ms. This is the output you see
when issuing dtcheck -stats from the command line. Older versions of both DTLinux and DTWindows will continue
reporting only milliseconds until you upgrade them. All other reporting mechanisms are already in tenths of a
microsecond (Windows) or nanoseconds (Linux).
DTClient
Fixed bug that could make DHCP lookups fail on some operating systems. Also made DHCP lookups more
robust by sending both DHCPDISCOVER and DHCPINFORM messages.
DTServer
Changed DT2 and NTP to support incoming requests signed
with SHA256 or SHA512 keys (as long as the keys exist in your keyring, and are trusted).
Domain Time (as a DT2 or NTP client) is still limited to MD5 and SHA1.
Control Panel applet
Disallowed selection of "Windows Auth" from the authentication drop-down if you have selected
DT2-HTTP as the protocol. The combination of DT2-HTTP and Windows authentication has never been supported.
Changed right-click pop-up menu so that it only appears if you right click on a blank area of
the left-side of the Control Panel applet. Formerly, the menu would pop up no matter where you right-clicked.
NTPCheck
Allowed NTPCheck to use SHA256 and SHA512 keys as well as MD5 and SHA1. To use any form of
authentication with NTPCheck, you must run NTPCheck from an elevated command prompt.
5.2.b.20210331 - Recommended Upgrade
DTLinux is now in production status. Several updates and enhancements to Manger to support
DTLinux remotely. Several enhancements to various components and a few minor fixes as detailed
below.
Implemented mitigation for a potential security vulnerability in the check-for-upgrade functions
of Manager and DTTray. This vulnerability requires DNS hijacking and redirection to a look-alike
website, where a fake download could be provided. Credit to GRIMM for alerting us to this potential.
Audit Server
Fix for raising a Real-Time Alert when the Raise Alert... checkbox is unticked.
Added StandBy-mode synchronization of Manager's DTLinux and Backup folders.
Added ability for email subject lines to contain the date/time. Write to techsupport
if you need this feature.
Manager
Added log rolling to Manager's log file; default monthly, keep 12 old logs. Some
customers had set the log max size to zero (unlimited) but had not cleared the log in years, resulting in
multi-GB log files. You may change the settings from Options -> Manager Log File Settings.
Added ability to remote-upgrade DTLinux installations. You must be running version
5.2.b.20210130 or later on both DTManager and DTLinux. Further, remote-upgrade is disabled by default
in the dtlinux.conf file. You must set dt2Security:managerUpgrade to true before Manager will be
allowed to push the upgrade.
Added code to close Notepad windows showing temp files when Manager closes.
Customer request: Added optional startup password for Manager. When set, you must
enter the password before Manager's GUI display appears. You may set, change, or clear the password
from Option -> Set Startup Password.
DTDrift
Changed wording on text rendering of a drift file to say "corrections" instead of
"deltas" in the Clock Corrections section. The Clock Corrections section summarizes corrections (clock deltas
of >= 1ms), so the former wording could be misleading.
DTLinux
Moved DTLinux from beta status to production as of 31 Jan 2021.
Increased startup wait-for-IP-addresses time on Win10/Win2019.
DTServer
Fixed bug in stats display that showed HTTP hits by servers and clients in wrong order.
Added ability for DTServer to function as a DTLinux update source (for use as a local cache
if your Linux machines don't have Internet access). This option requires installation of Manager to function.
Deprecated the Domain Role of "Slave Time Server." The option is still available, but admins
should migrate to Independent Time Server for DCs not holding the PDC-emulator role.
Fix for DT2-TCP not restarting on IP address change.
DTClient/DTServer
Changed meaning of "TAI-UTC Offset Locked" registry entry to only apply the TAI-UTC offset
when the PTP master is using the PTP timescale. If the master is using the ARBitrary scale, timestamps are
presumed to be in UTC already, so no offset from TAI is applicable.
Eliminated warning message in log about syntax errors or untrusted symmetric keys if the
timesource is disabled.
Changed max delay between samples to 1024 milliseconds. It was formerly 16,384 milliseconds.
Control Panel Applet
Added checkbox to DTServer's Serve the Time page, Serve DTLinux Updates. There is a link
below the checkbox to test. DT2 over HTTP must be enabled, and Manager must be installed on the same machine
in order for this function to work.
Added warning when unchecking a symmetric key (i.e., setting it to untrusted) if any
timesource, including PTP authentication, is currently using the key number. This is a yes/no dialog box;
if you select No, then the key will remain checked.
Changed the list of keys to use for each PTP message type so that only trusted keys are
displayed. If you have untrusted (or deleted) a key formerly in use for a PTP message, that message's key
will be set to None.
Added DTLinux-format file import/export of symmetric keys.
Added machine import/export from/to DTLinux as well as Windows machines.
5.2.b.20210103 - Optional Upgrade
Removed old programs (NT Alpha, domtimed, WFWG) from all distribution zips. These programs are more than
a decade past end-of support.
De-Internationalized day name and month name in the log files, audit reports, and various displays,
in favor of yyyy-mm-dd hh:mm:ss or English month and day name abbreviations (depending on the display),
for continuity when reading logs or reports created by machines in non-English languages.
Retained locale-specific format in several places on the Control Panel applet. Added locale-specific
format to the status bar of the log file viewer.
Introduced Domain Time II for Linux (dtlinux). This is a full-featured NTP/DT2/PTP client for x86_64
Linux distros (little-endian Intel or AMD only, running in 64-bit mode). DTLinux may be monitored and
audited by Domain Time II Audit Server, and remote-controlled by Domain Time II Manager. N.B. DTLinux
is still in beta status, but has been tested successfully on CentOS7, CentOS8, RHEL 8.3, Ubuntu 18,
Ubuntu 20, Fedora 33, Mint 20, OpenSUSE Tumbleweed, and OracleLinux 8.3. DTLinux is distributed in three packages: DEB
for Debian and Debian-derived systems, RPM for RHEL and other RPM-based systems, and a TGZ, which is
distro independent. Please visit DTLinux
for more information.
Manager
Fix for refresh of single items on the tree side of the Domains and Workgroups
list. If favorIP was set, the database information would be refreshed, but the display would show
a tombstoned record.
Added support for the beta DTLinux client. (For security
reasons, remote install/upgrade/remove is not available for Linux.) On Windows 10 or Server 2019,
support for the Microsoft SSH client (you must install SSH from the optional features list).
Support for DTLinux templates, as well as remote configuration, problem report generation, monitoring,
and auditing.
DTDrift
Changed handling of the "SourceStratum" column when using the
-convert -csv option. Prior versions always showed zero (meaning unknown)
in this column, unless the drift files being converted were ones created by Audit Server.
All drift files now contain the source stratum information if available, so DTDrift
will display meaningful information in this column.
Fixed width of first column when using -convert -csv
without the -localtime option.
DTLinux
Ended private beta. First public release. Domain Time II for Linux (dtlinux)
is documented here, and is
included in the Starter Kit and Manager download zips. You may also obtain a copy from
the direct download folder.
Note: Although DTLinux is now available to the public, it remains
in beta status. Please test it thoroughly in your test environment before deploying to
production machines.
Drift Graph
Changed textual output from a grapical drift display to include
parenthetical microseconds to help users parse the value in more useful terms.
Added data point resolution to textual output (either nanoseconds
or 0.1 microseconds, depending on the data source).
Added StdDev (standard deviation) to textual output.
Changed display when you click on a dot in the drift graph to display
n nanoseconds, n microseconds, n milliseconds, or fractional seconds
(whichever is smallest). This makes something like "+0.000000021 seconds" appear as
"+21 nanoseconds," which is easier to read.
DTCheck
Changed -ptpStats output to show nanoseconds when operating against
a machine that supports nanos instead of hectos. Also added a parenthetical number of
microseconds to help users parse the values in more useful terms.
Added support for -resetSerial, -resetTimings, -logFile, and -problemReport
for DTLinux nodes.
Added metadata to files created using -driftFiles
DTClient/DTServer
Fixed ambiguity in the standard PTP best-master-clock algorithm to
recognize that "better by topology" should be used in master selection as if it were
"better" by other reasons.
Suppressed error message "Unable to retrieve the time; error 5: No time samples available"
when you have deliberately removed all external time sources.
Control Panel Applet
Changed "NetBIOS Name" to "NetBIOS/DNS Name" on the stats page. This
is useful primarily when connecting to a remote machine by IP address. The former behavior
would display the IP address if the NetBIOS name could not be discovered. The new behavior
performs a DNS lookup and shows the FQDN if the NetBIOS name is not available.
Internationalized text on the About page.
Log file viewer
Removed "Show Line Numbers" from the log file viewer menu.
Internationalized "Last changed on" line in the status bar. Removed
internationalization for month and day names within the log contents.
PTPCheck
Widened main display to give more room for node names and deltas.
Changed delta and delay displays from hectonanoseconds (1e-7) to
nanoseconds (1e-9) on main display to accommodate DTLinux, which reports nanoseconds. Replies
from Windows machines will show all 9 digits, but the last two will always be 00,
because Windows can only report 7 significant digits. Changed details display to say
n nanoseconds, microseconds, milliseconds, or seconds, with appropriate number of
significant digits.
5.2.b.20200930 - Optional Upgrade
Many improvements for isolated networks that want to use PTP only (i.e., no NTP or DT2 fallback or crosscheck
support). The Accept First PTP Timestamp option is now more robust, and, upon discovering a large divergence
during normal operations, you may choose to allow the machine to step the clock using only PTP sources. A PTP-only
configuration is sub-optimal, and our recommendation remains for you to make at least one NTP or DT2 time source
available for startup, fallback, and crosscheck.
Several small fixes and improvements. Upgrade if you are affected by any of the changes in the list.
Audit Server/Manager
Improved Manager's ability to manage time zones on remote machines using a different
national language edition of Windows (for example, managing a Japanese-language machine from a EN-US-language
machine, or vice versa).
Fixed bug in Audit Server that sometimes prevented Manager's Real-Time Alerts display
from showing current PTP status for machines. This problem only occurred when Real-Time Alerts were received
during an upgrade of the management tools.
DTServer
Changed the logic when using DTServer as a PTP master, but the admin has selected "Do not
set this machine's time," to allow PTP to send Announce messages using the values set by the admin. The former
behavior was to send Announces showing the time as degraded. This change helps in closed environments where
the admin wants all machines synchronized to the master, but has deliberately chosen to have the master itself
unsynchronized.
Improved calculation of residence time as expressed in the correction fields of Peer-to-Peer
delay responses.
DTClient/DTServer
Fix for setting time zone, either by push from Manager, or pull from DTServer by DTClient,
so that invalid entries generate an error instead of leaving the machine in a potentially inconsistent state.
Invalid entries are those whose Standard name doesn't match the registry key name, or those that exist on
the timezone source but not the consumer.
Changed log message about PTP with no backup sources from warning to status/info level
Changed log message about PTP running but no samples yet from warning to status/info level
Added logic to detect egregious PTP delay measurement results arising from use
of the canonical algorithms specified in IEEE 1588. This situation obtains primarily when the master and slave
differ significantly in frequency or time of day. If the actual measured round-trip time is less than the
algorithm-produced time, then the meanPathDelay will derive from the actual round-trip time.
Added registry DWORD setting Accept First PTP Sample Count to the Parameters
section. The default value is 3, and the range allowed is 1-15. Prior versions only examined the very first
PTP time sample when accepting the first PTP timestamp.
Changed behavior of Accept First PTP Timestamp to slew when within slewing bounds. This
function will step the clock if the delta is large, so continue to use it with care.
Changed behavior of Accept First PTP Timestamp to re-arm upon detection of resume-from-standby,
emerge-from-sleep, or a Clock Change Monitor trigger.
Exposed the Accept First PTP Timestamp option on the Control Panel applet, eliminating the need
for editing the registry manually. Note that you must either stop/start the service, or reboot the machine, in order
for the first PTP timestamp to be accepted.
Added support for resetting duplicate serial numbers by command from DTManager or DTCheck. This
avoids the need to stop/restart the service on the machine whose serial number needs to be reset.
Control Panel Applet
Fixed display glitch on Control Panel applet when moving entries up or down (reordering) in
a list of time sources. The resultant data was correct, but the display did not update the last field in the
list.
Fix to prevent dragging the Control Panel applet completely off-screen.
Added new entry, "Upon PTP large divergence," to list of conditions that allow stepping. This
is primarily useful for machines using only PTP without fallback NTP/DT2 time sources, and where the correction
needed is too large to accomplish by slewing. This option is disabled by default. NOTE: This setting does not
apply when using the Accept First PTP Timestamp option. Accept First PTP Timestamp will always step if
slewing is not possible.
5.2.b.20200630 - Optional Upgrade
Several minor changes, mostly at customer request. Upgrade if you are experiencing any of the bugs
described, or if you need the newer functionality.
Manager
Changed behavior of Manager's command-line IMPORT ADD function to set nodes to audited
whether or not they previously existed in the database. This conforms with the documentation, and makes
ADD the opposite of DROP (except that ADD will add nodes to the database if they don't already exist).
Added 0 (zero) to the list of audit groups that may be specified after the machine name/IP address
of Manager's command-line IMPORT ADD function. Formerly, only 1-8 were supported, corresponding to Audit
Group number 1-8. If you specify 0 instead of 1-8, then the node will be added but set to unaudited.
This is essentially the same as DROP, except that the node will be added to the database if it doesn't
already exist.
DTClient
Added IP address of responding DHCP server to debug mode log output, if DTClient is set
to use DHCP as one of its auto-discovery options.
Added REG_DWORD "DHCP Sample Count" to the Time Sources subkey. If DTClient is set to use
DHCP as one of its auto-discovery options, this value controls how many samples Domain Time should request
from each configured server. The valid range is 1-5. Changes to this registry setting take effect at the
next timecheck interval. You do not need to stop/start the service, or reload other parameters.
Added REG_DWORD "DHCP Sample Pause (ms)" to the Time Sources subkey. The valid range is
16-1024. This value controls how many milliseconds Domain Time pauses between samples of DHCP-discovered sources if
the DHCP Sample Count value is greater than 1. The default is 512.
Rearranged logic when DTClient is using DHCP as one of its auto-discovery options. As of
this version, if DHCP is selected, and the DHCP server responds with a list of one or more IPs, and if one
or more of those IPs provides a valid time sample when queried, DTClient will skip any non-DHCP discovered
time sources after that. If the use-last-known-good option is selected, DHCP-discovered servers will remain in the
last-known-good list, but used only if subsequent DHCP queries fail. If the DHCP-discovered sources fail, or
the DHCP server fails to provide a list, Domain Time will use the other configured discovery options as fallback
sources.
DTClient/DTServer
Improved performance when using the special Accept First PTP Timestamp registry setting. This option
should only be used in closed environments where PTP is the only possible source of time and the initial startup
delta takes an excessively long time to correct (i.e. if the motherboard CMOS clock is wrong). If no other time
sources are configured, PTP will step the clock to match the first incoming PTP sync timestamp. This
initial stepping will bring the clock into close enough sync for normal PTP operations to govern the clock.
It is no longer necessary to also untick the "Crosscheck with other sources" checkbox.
DTLockDn
Implemented workaround for dtlockdn /reset being unable to set registry key ownership
on Windows Server 2012r2 and Windows Server 2016. These two versions of the operating system have slightly
different requirements than earlier or later operating systems. If the workaround is invoked due to
2012r2/2016 restrictions, a warning message will appear in the output, and DTLockDn will continue if the
workaround is successful.
DTLockDn will no longer add read permissions for the well-known SIDs "Authenticated Users",
"Users", or "Everyone" if you have explicitly /revoked or set them to READ or FULL. Otherwise, DTLockDn will
add READ for Authenticated Users (if valid for your operating system), Users (if Authenticated Users is not
valid or already present) or Everyone (if neither Authenticated Users nor Users is present and valid).
Note that, on startup, Domain Time will always reset the permissions on the Keyring subkey so that access is
limited to SYSTEM and Administrators.
5.2.b.20200331 - Optional Upgrade
Several minor enhancements, including better performance using PTP with sync rates of less than one per second. You should
upgrade if your PTP master sends fewer than one sync packet per second.
Manager
Added dialog Options -> Network Options -> Name Resolution to let you choose how Manager
resolves names when connecting to remote Domain Time machines. By default, Manager and Audit Server first try the FQDN
(fully-qualified domain name), which is created by concatenating the Common Name (NetBIOS name) with the domain name.
You may change the name resolution method to either Common Name (NetBIOS name), or to DNS name.
Added option to specify an Audit Group number (1-8, inclusive) to Manager's command-line IMPORT function.
If no Audit Group is specified, Manager uses the default Audit Group for new nodes. For example, if your batch import file
contains Add NTP myntpappliance 3 then the NTP server called myntpappliance will be added to the NTP
list and placed in Audit Group 3.
Changed prompt on connection failure dialog from "Always use this name for locating this machine" to
"Always use this IP Address to locate this machine." The checkbox will be grayed-out if you enter anything but a valid
IPv4 or IPv6 address. This change reduces confusion by making the action of the dialog box match the internal workings
of Manager.
DTServer/DTClient
Fix for "TAI-UTC Offset Locked" registry variable not being recognized when acquiring a new master.
Improved synchronization performance when PTP master is sending packets less often than once a second.
Change PTP sync timeout to be twice the sync interval plus 1. This helps on networks that drop packets.
Increased depth of lookback buffer for UDP packet de-duplication. This helps on networks subject to UDP flooding.
DTCheck
Added -ptptest -showsequence subtest. This test watches for Announces
and Syncs from grandmasters and displays drops, repeats, and jumps in PTP message sequence numbers.
Fix for -swTimestamps returning faux error code when operating on remote machines.
5.2.b.20200101 - Optional Upgrade
Two minor fixes, several changes based on customer requests, enhanced PTP behavior with multiple Syncs per second.
Upgrade if you want the new functionality.
Audit Server
Changed validation range for PTP Monitor's Sync message intervals to allow for
more than one sync/second. This only affects the displayed values in Manager.
Manager
Changed default remote connection procedure to try the FQDN (if available) before
falling back to the NetBIOS name or IP address. Note that if you double-click a node's DNS Name, Manager
will try the DNS name first. Likewise, if you double-click a node's IP address, Manager will try the
IP address first. This change only affects how Manager behaves when you double-click a node's NetBIOS
name (the Common Name).
Allowed Manager's list display of node timezones to include non-English languages.
Added extra debug logging for errors/problems during LDAP machine enumeration. Also
added workaround code to retry LDAP queries that return "success" with zero entries. This situation only
occurs in very large domains with overburdened Domain Controllers.
Added registry parameter, "ICMP Required" (default true). You may set this to the English
word "False" to skip ICMP tests during connection. Some networks disallow ICMP echo requests. Note that setting
this to false may cause long timeouts or unexpected errors for machines that are offline or otherwise unreachable.
DTServer/DTClient
Changed critical section envelope when handling PTP delay measurement replies. This prevents
erroneous results when a boundary clock or grandmaster sends two replies to a single request.
Fixed typo in timezone display calculation that could produce UTC - offset instead
of UTC + offset. This error only affected the display of parenthetical UTC offset information shown
after the timezone name.
Fixed typo in PTP code that assigns significance values based on operating system level (only
affects not-yet-released versions of Windows).
Improved handling of more than one PTP sync per second.
Added NTP precision to startup log debug output.
Added checkbox to allow stepping the clock upon an IP change trigger. Unchecked by default.
Allowed Domain Time Server in the PTP multicast master role to send up to 64 sync packets/second.
This is solely for compatibility with SMTPE or 802.1AS slaves that mistakenly require a higher frequency of syncs.
In general, avoid setting the rate greater than one per second unless required by your slaves.
Changed Realtime Alert sending to use a queue and a low-priority persistent background thread.
This allows for multiple tries to send the data if the receiving server happens to be temporarily unavailable.
Added extra debugging (under "Uncategorized debug messages") to show retries and overall queue functioning.
DTCheck
Fix to allow -firewall:open and -firewall:close to work on Server 2019. This only affects DTCheck.
The code to automatically handle the firewall built into Server, Client, and Audit Server already works correctly.