configure, start ntpd service

BDAqua: regarding "ignored", MrHoffman's understanding about the range skew with ntp is the same as mine. That's why I set the Mac to only 4 minutes off from the Domain Controller in my test of Dec 18, 2018 8:08 PM, posted above, since the default setting of Maximum Tolerance for Active Directory on Windows is 5 minutes.

BUT! ... none of that matters. The helpful folks and LinuxQuestions.org found the answer to this puzzle. Mac DOES NOT use ntpd. Since High Sierra Mac uses timed. Read all about it here https://eclecticlight.co/2017/10/27/has-anyone-got-the-time-how-high-sierra-has-changed-time-synchronisation/. Therefore, tools like ntpq and ntpdc won't work. There's nothing listening on the local host on the ports which these utilities use. Furthermore, this is a customized, stripped down version of timed, not the original, full-fledged version that runs on Unix. There are no parameters, commands or timedc program for interfacing. It does, however, use /etc/ntp.conf although I presume everything except the actual host name(s) is ignored.

Interestingly, that link author suggests taking "a careful look at" /var/db/timed/com.apple.timed.plist to investigate the state of timed, but I found that to be a binary file. If anyone knows how to look at that file, please advise.

More information ... I've stripped my /etc/ntp.conf file down to:

mail.hprs.local

although that doesn't seem to have made much difference. When I had the other servers and "iburst" and "prefer", etc. in there, the System Preferences > Date & Time > Set date and time automatically, showed all servers separated by commas, so perhaps my original conf file is no worse that this stripped down version.

I get the following results from the systemsetup command:

root# systemsetup -getusingnetworktime

Network Time: On

root# systemsetup -getnetworktimeserver

Network Time Server: mail.hprs.local

This seems to indicate the ntp is working, yet when I run 'ps ax | grep ntp' I get nothing. Is time still synchronizing or not?

if I run ntpd it does run and I can then see it in 'ps ax | grep ntp'. But it doesn't seem to make any difference. Does it not matter if this is actually running?

Also, I can do:

root# ntpq -np mail

remote refid st t when poll reach delay offset jitter

==============================================================================

127.127.1.0 .LOCL. 10 l 40h 64 0 0.000 0.000 0.000

*192.150.149.245 198.60.22.240 2 u 348 1024 377 65.560 1.922 0.869

+192.111.144.114 146.186.222.14 2 u 1039 1024 373 35.510 9.632 1.165

where 'mail' is the ntpd server specified in ntp.conf. This lists mail's peers. Again, inidicating ntpd is working, but why nothing in ps ax?

This doesn't work:

root# ntpq -np

localhost: timed out, nothing received

***Request timed out

That is, I cannot query peers for the localhost, so I can't get verify the server information for the localhost. This works on all non-Mac computers I've tried that use ntp. Why?

Feel free to jump in on this ... anyone ... really

Anyone? Surely somebody uses ntpd or the Mac equivalent, if there is one.

The time server is a local Active Directory / Domain Controller, and it has a default Maximum Tolerance policy of 5 minutes. What happens if the difference is more than 5 minutes I don't recall. Nevertheless, to be safe, I tried your idea but setting the clock difference to 4 minutes. I 'watch'ed the time on both the AD/DC and Mac workstation, then went away for an hour. When I returned, the times were back in sync. So, yes, they synchronize. Good suggestion!

Since nptd is NOT running on the Mac, do you have any idea what is doing the synchronization? Is it a bad idea to actually run ntpd? Do you know whether the other ntp.conf settings (iburst prefer, fudge, restrict, ...) do anything at all? iburst is mentioned in the ntpd manpage. The ntp.conf manpage doesn't exist on the mac despite its being referenced in the ntpd manpage. The driftfile definitely never gets created.

Finally, what about the 'ntpq -np localhost' not working? Any idea on that?

I think I've got the ntp.conf syntax pretty well figured out. But I'm more confused ... The link you gave references ntpq and ntpdc, but neither work for the local host:

root# ntpq -np localhost

ntpq: read: Connection refused

root# ntpdc -l -n localhost

ntpdc: read: Connection refused

Why is the connection refused? The firewall is not running. Another posting said I needed 'restrict 127.0.0.1' or the ntpq wouldn't work for the localhost. I've tried that, but the results are shown above.

If ntpd is not doing the synchronizing, what is?

You opine that it's not necessary "bad" to run ntpd, but would than not interfere with whatever is already doing the synchronizing? Going ahead and running ntpd doesn't seem to help with the ntpq problem although it then doesn't say "connection refused"; it times out instead.

In the end, as long as the time gets synchronized I shouldn't care, but I'd like to understand what's doing the synchronization and why documented commands don't work.