Azure AD – Time Sync for Joined Windows 10 Workstations

azure-active-directory time-synchronization

I'm looking into understanding how Time Sync works with a Win 10 Azure AD Joined laptop/workstation. Looking at my laptop, I noticed that Windows Time is not started and set to manual. Starting it and getting the current config (w32tm /query /status) tells me it's syncing with the local CMOS clock. I know in a domain/client environment clients sync with the DC. So that leads me to my question: where are the Azure AD joined clients getting time from?

What brought this up is we are noticing lots of time changes on these systems, lots of them. We are a software company with a proprietary time series database logging sub-second data, so time is kind of a big deal to us, which is why we noticed things like this.

Thanks in advance for the help.

Chris

Best Answer

Short answer: there is no time sync with Azure AD for managed devices.

Modern authentication using AAD does not really look at the local device time; it is not required for the devices to sync (like what you have with a Kerberos domain) or have a skew time or anything like that.

Intune also doesn't seem to have the capability to configure NTP yet, but you can vote to have that if you want: https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/39352645-intune-and-autopilot-time-synchronization-and-ntp
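
An added example, not part of the original question or answer: a PowerShell audit for the checks described in the question (Windows Time service state, the source reported by w32tm /query /status, and how often the system time changed). The function and property names are hypothetical, and the parser assumes English-language w32tm output.

```powershell
# Added example; function and property names are hypothetical.
# Assumes English w32tm output (field labels are localized on other systems).
function ConvertFrom-W32tmStatus {
    param([string[]]$Lines)
    $fields = @{}
    foreach ($line in $Lines) {
        # Split on the first colon only: timestamps in the value contain colons.
        $name, $value = $line -split ':\s*', 2
        if ($value) { $fields[$name.Trim()] = $value.Trim() }
    }
    [pscustomobject]@{
        Source         = $fields['Source']
        LastSync       = $fields['Last Successful Sync Time']
        # True when the device is not following any external time source.
        UsesLocalClock = $fields['Source'] -match 'Local CMOS Clock|Free-running System Clock'
    }
}

function Get-TimeSyncAudit {
    param([int]$Hours = 24)
    $svc = Get-Service -Name W32Time
    # w32tm /query fails while the service is stopped, so only call it when running.
    $raw = if ($svc.Status -eq 'Running') { w32tm /query /status } else { @() }
    $parsed = ConvertFrom-W32tmStatus -Lines $raw
    # Kernel-General event ID 1 in the System log records each system time change.
    $changes = @(Get-WinEvent -ErrorAction SilentlyContinue -FilterHashtable @{
        LogName = 'System'; ProviderName = 'Microsoft-Windows-Kernel-General'
        Id = 1; StartTime = (Get-Date).AddHours(-$Hours)
    })
    [pscustomobject]@{
        ServiceStatus  = $svc.Status
        StartType      = $svc.StartType
        Source         = $parsed.Source
        LastSync       = $parsed.LastSync
        UsesLocalClock = $parsed.UsesLocalClock
        TimeChanges    = $changes.Count
    }
}

# Constructed sample of w32tm /query /status output for the case in the question.
$sample = @'
Leap Indicator: 0(no warning)
Stratum: 1 (primary reference - syncd by radio clock)
ReferenceId: 0x4C4F434C (source name:  "LOCL")
Last Successful Sync Time: 11/10/2020 9:14:07 AM
Source: Local CMOS Clock
Poll Interval: 10 (1024s)
'@ -split "`r?`n"
ConvertFrom-W32tmStatus -Lines $sample
```

On an Azure AD joined device, run Get-TimeSyncAudit from an elevated prompt; a high TimeChanges count alongside UsesLocalClock being true points at the device clock rather than a network time source.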