I recently attempted to install the Meinberg NTP client on a Windows Server 2012 system, but ran into a problem during the installation. At one point, the installer asks you what account to use for the service: 1) a newly-created "ntp" service account, or 2) run as SYSTEM (there might be a third option, I don't remember.
Running ntp as SYSTEM seems like asking for trouble; you should always run services with the least privileges required. So of course I chose to use the "ntp" service account. I had successfully used it before on Windows 7 systems.
However, upon clicking "Next", the installer crashed! Looks like the installer created an "ntp" account, but it was disabled, and had no password set. Also, the service was not installed.
Here's what I did to workaround the issue:
- Run the installer again, this time using the SYSTEM account for the service
- Manually create the "ntp"user. (optional: set password to never expire)
- Open gpedit.msc
- Under Local Computer Policy/Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment, add "ntp" to the following:
- Change the system time
- Deny access to this computer form the network
- Deny log on as a batch job
- Deny log on locally
- Increase scheduling priority
- Log on as a service
That done, you can open "services.msc" and change the service to log on as the "ntp" account. Then restart the service.
No comments:
Post a Comment