Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. A computer that is running Windows 10 Version 1511 reverts to a previous date and time

A computer that is running Windows 10 Version 1511 reverts to a previous date and time

View products that this article applies to.

Symptoms

The system date and time setting on a computer that is running Windows 10 Version 1511 (build 10586.xx) incorrectly reverts to a date and time that is at least one day in the past. This issue may occur in the following scenario: 

  • The computer is originally connected to the Internet.
  • The computer is turned off and restarted while it's connected to a closed private network.
  • The private network has no SSL servers (and, therefore, the client has no outbound SSL traffic).
When this issue occurs, the computer system's date and time settings are reset to their previous values, even if this change overrides any changes that were made by an administrator. The Windows Time service that's running on the computer causes this behavior by using stale Secure Time Seeding information from the registry. In this scenario, the Windows Time service effectively stops using time that is obtained from any Network Time Protocol (NTP) server or the Active Directory hierarchy. 

Additional symptoms include but are not limited to the following:
  • Kernel-General event 1 in the system log indicates that the time setting has been reset to a past value.
  • Events that are recorded in the event log have invalid time stamps that are in the past.
  • Kerberos authentication fails.

↑ Back to the top

Cause

This issue occurs because of a problem in the new Secure Time Seeding feature that is part of Windows Time service in Windows 10 Version 1511. This feature uses metadata from outgoing SSL connections from the computer to determine the approximate current time and date values, and it stores this data in the registry. When the computer restarts, the old registry data is not cleared or updated if, for any reason, no outgoing SSL traffic is present since the startup. This can cause the issue that's described in the "Symptoms" section. 

↑ Back to the top

Workaround

Important Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.

To work around this issue, try either Method 1 or Method 2, depending on your network environment. 

Method 1: Clear the W32time registry values and force synchronize the time over NTP

You can clear the w32time registry state to force synchronize the time on the computer with the internal NTP/NT5DS server. To do this, run the following sequence of commands at an elevated command prompt:

Net stop w32time

W32tm.exe /unregister

W32tm.exe /register

net start w32time

W32tm.exe /resync /force
Method 2: Reconnect to the Internet

Reconnect the computer to the Internet. This issue is corrected after the computer has access to the SSL servers on the Internet and has outbound SSL traffic.

Optional Method 3: Disable Secure Time Seeding

Important We recommend that you try Workarounds 1 or 2 before you disable the Secure Time Seeding feature. Disabling the feature keeps it disabled even after you upgrade to a newer version of Windows in which the issue has been fixed. 

To disable the Secure Time Seeding feature, set the UtilizeSslTimeData DWORD value to 0 (zero):

Registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\w32time\Config

Value name: UtilizeSslTimeData
Value data: 0
Value type: DWORD

To do this, run the following command at an elevated command prompt, and then restart the computer:

reg add  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Config /v UtilizeSslTimeData /t REG_DWORD /d 0 /f
After the computer restarts, force synchronize the system time over NTP by running the following commands at an elevated command prompt:

Net start w32time
W32tm.exe /resync /force
Note To re-enable the Secure Time Seeding feature, change the UtilizeSslTimeData value data to 1. To do this, run the following command at an elevated command prompt, and then restart the computer:

reg add  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\W32Time\Config /v UtilizeSslTimeData /t REG_DWORD /d 1 /f

↑ Back to the top

Keywords: kbexpertiseinter, kbprb, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 3160312
Revision : 1
Created on : 1/7/2017
Published on : 6/9/2016
Exists online : False
Views : 3814