Sometimes I get a script idea put in my head that's so irritatingly pervasive that the only fix is to write the damned script. David Szpunar from the NinjaOne Users Discord made a somewhat passing comment about time drift causing issues with a remote support tool and that let to me thinking... You could probably monitor for that with a PowerShell one-liner right?
Wrong! Turns out that it's more than one line!
The Script
### Inline Comments
'<MARKED STRINGS>'
This script was updated after being published, if you're using it please compare the version you have with the version available here.
This script was last updated on 2023/03/17.
loading...
Using The Script
We tested this as a "Script Result Condition" in NinjaOne set to trigger the monitor if a machine's time drifts by more than 10 seconds from uk.pool.ntp.org (the UK's NTP pool) and it worked like a charm. The script is pretty self-explanatory but here's a quick rundown of what it does:
- It uses a configurable NTP or SNTP server to get the "reference" time. (Parameter
-ReferenceServer) - It uses the
w32tmexecutable to conduct a number of skew checks against that reference server (Parameter-NumberOfSamples) - It averages the samples and compares the result to the threshold (Parameter
-AllowedTimeDrift) - Optionally you can force a resync if the time drift is greater than the threshold (Parameter
-ForceResync)
If the average time drift is greater than the threshold, the script returns a non-zero exit code and the monitor triggers. If the w32tm command errors (non existent server, network down etc) the script returns a non-zero exit code and the monitor triggers.
Credits
This script borrows ideas and the approach and a little code from the excellent blog of Kevin Holman.
The formidable Chris Taylor helped with a cool suggestion to suppress empty lines in the output and his site is well worth a visit.