Remotely set time server

k3vmo
Contributor II

Hi all!
New to the scene. This seems like an incredible support group. I've just proposed Jamf - we'll see how that goes. Anyway:

The time server was manually set on systems in the environment I inherited. I have to correct it because the specific server the hosts were set to, is going to be decommissioned. I'd rather point it to the domain and it will find the NTP server just fine

I know to update the time server:

/usr/sbin/systemsetup -setnetworktimeserver domain.com
/user/sbin/systemsetup -setusingnetworktime on

Seems to set the NTP server correctly and it does adjust the time on a remote system - however, I've seen it doesn't check the box stating "Set date and time automatically"

Can I assume that it will remain despite the fact the GUI doesn't have the pretty checkmark?

30 REPLIES 30

DBrowning
Valued Contributor II

give this a shot:

#!/bin/sh

# Use "/usr/sbin/systemsetup -listtimezones" to see a list of available list time zones.
TimeZone="America/New_York"
TimeServer="time.apple.com"

############# Pause for network services #############
/bin/sleep 20
#################################################

/usr/sbin/systemsetup -setusingnetworktime off 

#Set an initial time zone
/usr/sbin/systemsetup -settimezone $TimeZone

#Set specific time server
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer

# enable location services
uuid=`/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57`
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.notbackedup.$uuid LocationServicesEnabled -int 1
/usr/sbin/chown -R _locationd:_locationd /var/db/locationd

# set time zone automatically using current location 
/usr/bin/defaults write /Library/Preferences/com.apple.timezone.auto Active -bool true

/usr/sbin/systemsetup -setusingnetworktime on 

/usr/sbin/systemsetup -gettimezone
/usr/sbin/systemsetup -getnetworktimeserver

exit 0

k3vmo
Contributor II

While I'm VERY grateful for this - I'm not able to use location services behind the proxy that is run here. It's a healthcare company and nothing can hit the Internet directly. And, until my solution gets approved I'll never have Apple's 17.0.0.0/8 block open so I can't even use location or notification - any of the useful stuff

To further complicate it - our internal time server is 9 minutes off of both Apple and the navel time servers. God only knows why they wouldn't sync with the navy.

I've run the commands for -setnetworktimeserver domain.com (replacing domain.com with our domain)

My question is whether it matters that the checkmark for 'Set date and time automatically' is not checked in the GUI even after running these commands?

Every check through a remote terminal session comes back as if it's set correctly. I'm not sure whether the GUI has to update or can be updated as well

sdagley
Esteemed Contributor II

@k3vmo Try asking your network infrastructure group to create a DNS entry for time.apple.com that points to your internal time server so the default time server settings in macOS just work (I used this approach in a previous job where NTP traffic wasn't allowed through the firewall).

lashomb
Contributor II

A simple /etc/hosts entry pointing old domain to a functional time server IP may work as well. No internet required.

AVmcclint
Honored Contributor

If your internal time server is 9 minutes off from the Apple and Navy clocks (and presumably others) and your Macs sync up to it, that could cause SSL problems with external sites that DO sync up to atomic clocks. I think that would be your first order of business before you sync up to your company's internal server. I also work in a HIPAA environment and our network admins have blocked all NTP syncing with Apple's servers, however our internal servers ARE synced up to other external atomic clocks. So in order to get my Macs synced up, I have a command added on to our daily inventory collection: ntpdate -u 10.1.5.5 This makes sure that there is very little time drift at all on a daily basis. The only Macs that end up drifting are those used by people who go on 2 week vacations and their Macs don't check in during that time. Other than that, it works great! However the #1 thing that is required is that our internal server syncs to the atomic clocks the rest of the world uses.

EDIT: I just realized you said you don't have Jamf yet. Until you get Jamf at your company, you can periodically run that command en masse via ARD if you have that.

jwilson
New Contributor II

@ddcdennisb With this script are you placing it in self service. If so, is there somewhere in the policy I also have set things. I edited the script for Chicago, but the policy fails. Any help would be appreciated.

DBrowning
Valued Contributor II

I don't have it running in Self Service. i just have it running on check-in.

Can you share the logs of the script running? Maybe able to see whats happening in there.

jwilson
New Contributor II

@ddcdennisb Here is the error.

Running script Time.sh...
Script exit code: 2
Script result: /Library/Application Support/JAMF/tmp/Time.sh: line 1: {rtf1ansiansicpg1252cocoartf1561cocoasubrtf400: command not found
/Library/Application Support/JAMF/tmp/Time.sh: line 2: syntax error near unexpected token `}'
/Library/Application Support/JAMF/tmp/Time.sh: line 2: `{fonttblf0fnilfcharset0 Menlo-Regular;}'
Error running script: return code was 2.

Also how do you have it set at check in ?? Maybe i can go that route ?

DBrowning
Valued Contributor II

can you also share your version of the script that you are running? Looks like there might be some syntax errors in the code. (going off what i'm seeing in your log posted above).

jwilson
New Contributor II

@ddcdennisb

I only edited timezone = and timeserver=

Should i have made other edits ? Not the best at script. Still learning them.

!/bin/sh

Use "/usr/sbin/systemsetup -listtimezones" to see a list of available list time zones.

TimeZone="America/Chicago” TimeServer="time.apple.com"

####### Pause for network services #######

/bin/sleep 10

#####################################

/usr/sbin/systemsetup -setusingnetworktime off

Set an initial time zone

/usr/sbin/systemsetup -settimezone $TimeZone

Set specific time server

/usr/sbin/systemsetup -setnetworktimeserver $TimeServer

enable location services

/bin/launchctl unload /System/Library/LaunchDaemons/com.apple.locationd.plist
uuid=/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1
/usr/sbin/chown -R _locationd:_locationd /var/db/locationd
/bin/launchctl load /System/Library/LaunchDaemons/com.apple.locationd.plist

set time zone automatically using current location

/usr/bin/defaults write /Library/Preferences/com.apple.timezone.auto Active -bool true

/usr/sbin/systemsetup -setusingnetworktime on

/usr/sbin/systemsetup -gettimezone
/usr/sbin/systemsetup -getnetworktimeserver

exit 0

DBrowning
Valued Contributor II

First thing i'm seeing is you want to make sure the "TimeZone="America/Chicago” TimeServer="time.apple.com"" are one 2 different lines

TimeZone="America/Chicago” TimeServer="time.apple.com"

jwilson
New Contributor II

it is.

DBrowning
Valued Contributor II

can you post your script again, this time putting the code in using the >_ button above?

1fae2b7c92724803bb779b4efe3a563c

jwilson
New Contributor II
#!/bin/sh

# Use "/usr/sbin/systemsetup -listtimezones" to see a list of available list time zones.
TimeZone="America/Chicago”
TimeServer="time.apple.com"

############# Pause for network services #############
/bin/sleep 10
#################################################

/usr/sbin/systemsetup -setusingnetworktime off 

#Set an initial time zone
/usr/sbin/systemsetup -settimezone $TimeZone

#Set specific time server
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer

# enable location services
/bin/launchctl unload /System/Library/LaunchDaemons/com.apple.locationd.plist
uuid=`/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57`
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1
/usr/sbin/chown -R _locationd:_locationd /var/db/locationd
/bin/launchctl load /System/Library/LaunchDaemons/com.apple.locationd.plist

# set time zone automatically using current location 
/usr/bin/defaults write /Library/Preferences/com.apple.timezone.auto Active -bool true

/usr/sbin/systemsetup -setusingnetworktime on 

/usr/sbin/systemsetup -gettimezone
/usr/sbin/systemsetup -getnetworktimeserver

exit 0
#!/bin/sh

```

```

DBrowning
Valued Contributor II

OK! for some reason your quotations are messed up. As you can see in your last post, after setting the TimeZone variable, everything is green. Can you try deleting that then replacing the quotes and see if that works out better for you?

jwilson
New Contributor II

@ddcdennisb Better ??

#!/bin/sh

# Use "/usr/sbin/systemsetup -listtimezones" to see a list of available list time zones.
TimeZone=“America/Chicago”
TimeServer=“time.apple.com”

############# Pause for network services #############
/bin/sleep 10
#################################################

/usr/sbin/systemsetup -setusingnetworktime off 

#Set an initial time zone
/usr/sbin/systemsetup -settimezone $TimeZone

#Set specific time server
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer

# enable location services
/bin/launchctl unload /System/Library/LaunchDaemons/com.apple.locationd.plist
uuid=`/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57`
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1
/usr/sbin/chown -R _locationd:_locationd /var/db/locationd
/bin/launchctl load /System/Library/LaunchDaemons/com.apple.locationd.plist

# set time zone automatically using current location 
/usr/bin/defaults write /Library/Preferences/com.apple.timezone.auto Active -bool true

/usr/sbin/systemsetup -setusingnetworktime on 

/usr/sbin/systemsetup -gettimezone
/usr/sbin/systemsetup -getnetworktimeserver

exit 0

DBrowning
Valued Contributor II

Here. Try using this code:

#!/bin/sh

# Use "/usr/sbin/systemsetup -listtimezones" to see a list of available list time zones.
TimeZone="America/Chicago"
TimeServer="time.apple.com"

############# Pause for network services #############
/bin/sleep 10
#################################################

/usr/sbin/systemsetup -setusingnetworktime off 

#Set an initial time zone
/usr/sbin/systemsetup -settimezone $TimeZone

#Set specific time server
/usr/sbin/systemsetup -setnetworktimeserver $TimeServer

# enable location services
/bin/launchctl unload /System/Library/LaunchDaemons/com.apple.locationd.plist
uuid=`/usr/sbin/system_profiler SPHardwareDataType | grep "Hardware UUID" | cut -c22-57`
/usr/bin/defaults write /var/db/locationd/Library/Preferences/ByHost/com.apple.locationd.$uuid LocationServicesEnabled -int 1
/usr/sbin/chown -R _locationd:_locationd /var/db/locationd
/bin/launchctl load /System/Library/LaunchDaemons/com.apple.locationd.plist

# set time zone automatically using current location 
/usr/bin/defaults write /Library/Preferences/com.apple.timezone.auto Active -bool true

/usr/sbin/systemsetup -setusingnetworktime on 

/usr/sbin/systemsetup -gettimezone
/usr/sbin/systemsetup -getnetworktimeserver

exit 0

DBrowning
Valued Contributor II

Yes! give that a go and see what you get as a result.

AVmcclint
Honored Contributor

@jwilson

{rtf1ansiansicpg1252cocoartf1561cocoasubrtf400

and

{fonttblf0fnilfcharset0 Menlo-Regular;}

This makes me think that maybe your script was typed up in a non-standard text editor. If you use MS Word or even TextEdit to save your text, there is going to be all kinds of extra fluff added for formatting that isn't visible but the script handlers see all of that and don't know how to process it. Make sure you use a text editor like TextWrangler or BBEdit or Atom. These save the text files and nothing but actual text.

jwilson
New Contributor II

Thanks for all the help. So I copied it back in to textedit. Saved it as a .sh file, and it is still giving the same error.

jwilson
New Contributor II

@AVmcclint I am using texteditor, will use text wrangler and update.

AVmcclint
Honored Contributor

Don't use TextEdit. That will always save extra data to the file that will mess up the exectution of the script. TextWrangler or BBEdit or Atom or Sublime... there are many text editors out there that will help you out a lot when you write scripts.

DBrowning
Valued Contributor II

if you are using TextEdit, open a new file and then make sure to make the file Plain Text before saving it. To do this, click on the Format Menu item and then select Make Plain Text.

jwilson
New Contributor II

Thank you @AVmcclint and @ddcdennisb for your help. It is working.

maximilian_heyn
New Contributor

I used this script from @ddcdennisb,
it works like a charm! Unfortunately i get several pop ups on my machine. I get one ever day from Outlook and one from system preferences. Any idea what might cause this? I checked and the ntp servers are set correctly and so is the time zone. Thanks in advance!

DBrowning
Valued Contributor II

@maximilian.heyne what are the popups that you are getting?

maximilian_heyn
New Contributor

@DBrowning in Outlook for example i get "Do you want to update the local time zone". I set the policy to once per user per computer as the option is set after this, so the user only gets the pop up once.

Nick1403
New Contributor III

Hello everybody,

does someone have a script which also works under Big Sur? The @DBrowning script no longer works properly. The System Integrity Protection blocks here. I get the following error message:

Script result: Network Time is already off.
Set TimeZone: Europe/Berlin
setNetworkTimeServer: time.apple.com
/System/Library/LaunchDaemons/com.apple.locationd.plist: Operation not permitted while System Integrity Protection is engaged
Unload failed: 150: Operation not permitted while System Integrity Protection is engaged
/System/Library/LaunchDaemons/com.apple.locationd.plist: service already loaded
Load failed: 37: Operation already in progress
setUsingNetworkTime: On
Time Zone: Europe/Berlin
Network Time Server: time.apple.com

talkingmoose
Moderator
Moderator

I have a "macOS Time" manifest on GitHub that will let you set a time server using a configuration profile. You can add multiple time servers in the format time.apple.com.,pool.ntp.org. (each server ending with a period and separated by a comma).

You'll find the manifest here: https://github.com/Jamf-Custom-Profile-Schemas/jamf-manifests

And instructions here: https://github.com/Jamf-Custom-Profile-Schemas/jamf-manifests/wiki

Thanks for getting me started, but even after creating the profile and scoping to a machine (testing on 10.14), I can see the profile is applied, but the box for "set date and time automatically" is not checked. And of course, the time and time zone are therefore not corrected. Is this an attribute that needs to be added?