The debug log is a powerful tool in the W32Time bag of tricks when you need to figure out why something isn't working. The debug log tell you (for better or worse) what the Time Service is doing under the hood. Where it is connecting to, how long it is waiting between polls, etc.
In Windows Vista/Server 2008, we added the /debug option to the w32tm.exe command. This is the quickest and easiest way to configure the time service, and should be used if possible. A secondary option (if you are running XP/W2k3) is to edit the settings in the registry. Both will have the same effect, but using the w32tm command will keep you from having to get your hands dirty with registry editing. We will take a look at the w32tm command first:
Using the w32tm.exe command
To enable the w32time debug logging:
w32tm /debug /enable /file:C:\windows\temp\w32time.log /size:10000000 /entries:0-300
The command uses the following options:
- /debug - This tells w32tm that you will be changing the debug log settings
- /enable - We are turning on the debug log (as opposed to turning it off)
- /file - Here we are specifying the full path of where the log file will be created; in this case: "C:\windows\temp\w32time.log"
- /size: The maximum size of the log file, in bytes; in this case, it is 10 Mb. When the log is full, the w32time service will wrap to the top of the log file
- /entries: This field is a mask, where you can mask off certain types of entries. More about this later.
Turning off the debug log is just as easy:
w32tm /debug /disable
Using the registry
In essence, the w32tm.exe command shown above does exactly what we are about to do here. The only real difference is that when you use w32tm, it handles the reloading of the config, which will actually apply the values found in the registry. Since we will now be making the changes ourselves, we will need to reload the config ourselves.
Note: If you just want a quick .reg file that you can modify and merge, skip to the bottom of this post.
To get started, fire up the Windows registry editor:
Start -> Run -> Regedit.exe
Next, browse to the w32time config key, where we keep all of the w32time configuration:
Here, you will be creating the following three keys (if they do not exist):
Once they are created, go ahead and add the values that you want.
FileLogName should point to the full path where you want to store the log file. C:\windows\temp is the preferred location. Just ensure that a service running as LOCAL_SYSTEM has write access to the directory.
FileLogSize should be the maximum size of the log file, in bytes. Remember to convert to hex as needed 10Mb in hex would be 0x989680.
FileLogEntries is a numerical mask of the entries that you want to have logged in the log file. Each number in the range 1 - 300 represents a particular logging entry, such as polling intervals, packets received, etc. For the sake of simplicity, you should enable all logging. This is really only useful if you need to track a particular entry over a long period of time, and you don't want all of the other logging to clobber your file. Using 0-300 will guarantee that everything possible will be logged.
Once you apply the changes to the registry, you need to tell the w32time service that it needs to re-read the configuration information. To do this, you can use the following command:
w32tm /config /update
Example .reg file
Here is an example .reg file you can modify to simplify the process:[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\Config]
As usual, If you have specific thoughts or questions about this post, please feel free to leave a comment. For general questions about w32time, especially if you have problems with your w32time setup, I encourage you to ask them on Directory Services section of the Microsoft Technet forums.