Hey JAMF Nation,
I was wondering if someone can point me in the right direction with establishing NTP servers on my machines in JAMF.
I've seen a few posts with scripts and I'm wondering if there was a specific payload available instead.
Any help is much appreciated!!
@doreyme The scripts in the posts are your best bet. Just make sure to look for the most recent ones as things have changed over the years. I can't recommend any specific script as I've gone back to having my org's DNS alias time.apple.com to an internal NTP server so we don't change the default configuration any more.
if you want to nail the time server, I'd recommend using a configuration profile instead. The keys and preference domains are stated in the config profile reference:
Check out the "time server" payload.
The Time Server payload is designated by specifying com.apple.MCX as the PayloadType value. This payload allows devices to connect to custom time servers. In addition to the settings common to all payload types, the Time Server payload defines the following keys: timeServer timeZone The ntp server to connect to. Availability: Available in macOS 10.12.4 and later. Time zone path location string in /usr/share/zoneinfo/. For example, ”America/Denver” or ”Zulu”. Availability: Available in macOS 10.12.4 and later.
+1 on @m.entholzner's advice. In most instances, if you can use a profile to accomplish your desired task, it's the way to go. Profile Creator https://github.com/ProfileCreator/ProfileCreator appears to have the provisions in place for building a profile with time server info, but I haven't personally used the payload myself.
Hi all, just come across this as we have a PCI requirement that any Macs involved in PCI work need to point to a specific NTP server.
The 3rd Party App (ProfileCreator) mentioned can create a Config Profile with Time Server settings but importing it into our Jamf environment doesn't work (it imports the General Payload but the Time Server Payload is missing).
I'm going to write a script to run daily on the required Macs to point to the required NTP server:
#!/bin/sh /usr/sbin/systemsetup -setusingnetworktime on -setnetworktimeserver (our PCI NTP Server)
That should cover it, right?
That should work, but you should be able to make the Configuration Profile work. Did you sign the profile before you uploaded it? Sometimes that helps. (Also, did you apply the profile to a test machine after you uploaded it? Sometimes the Jamf GUI won't show profile settings that are not standard.
Also, if you have already created your Profile in profile creator, you could just export the Time Server payload as a PLIST (click and hold the export button and choose Export PLIST). You can then create a new profile in Jamf and upload that PLIST in the custom settings. Make sure the Preference Domains is
An Application & Custom Settings payload as he describes is the easiest solution.
As to why... Jamf Pro doesn't have a built-in editor for the Time Server settings, so if you upload a profile containing that payload you're not going to see it displayed in the GUI. That profile may still work, but to be sure you'd need to have ProfileCreator sign the profile when it's created so that when uploaded to Jamf Pro no modifications will be made to the payload(s).