photonetworkde - Fotolia

How do you configure ESXi time sync through the vSphere Web Client?

Configuring ESXi time sync should be a top priority for admins once installation is complete -- failure to do so could result in application failure, VM issues and more.

If your ESXi time sync configuration is off, then your VMs, applications and file servers could be in trouble....

Once you've successfully installed ESXi 6.5, one of the most important things for an administrator to do is configure time synchronization.

If your host is out of sync, your VMs are out of sync and could fail. If your VMs are out of sync, some applications might stop working. For example, file servers might stop providing access to resources, because of expiring Kerberos tickets, or domain controllers won't sync across sites.

Computers and servers more than five minutes out of sync will not authenticate. It's very important to configure a manual time source for the primary domain controller emulator in the forest root domain.

Configure ESXi time sync and NTP settings

In order to configure ESXi time sync, edit the Network Time Protocol (NTP) settings in the vSphere Web Client. Open the vSphere Web Client, select the proper ESXi host and then click Configure > Time Configuration > Edit and select "Use Network Time Protocol (Enable NTP client)."

Next, open the NTP Service Startup Policy drop-down menu and choose "Start and stop with the host." Add all your NTP servers to the NTP Servers text box (Figure A).

For this example, I used "" -- a pool of NTP servers hosted at VMware.

Configure ESXi time sync
Figure A. Configure ESXi time sync.

When you've finished adding NTP servers, it's important to remember to restart to update the NTP service settings. If you don't restart, the service goes into a "stop" state and doesn't apply the settings right away.

Once you've followed these steps and restarted, you've successfully configured the ESXi host to fetch the time from an external source. This is the best setting for most environments.

What about other alternatives?

It's rare that one configuration is the perfect fit for every situation. There might be times when the host doesn't have access to the internet and, in turn, doesn't have access to use an NTP server. Or the configuration might be an isolated, highly secured environment where using the internet isn't an option. In these scenarios, you need an alternative plan.

Usually, the best alternative is to sync with your domain controller. The domain controller's NTP settings must be up to date because it provides the time services for all the desktops and server systems within your organization.

So, instead of putting "" in the NTP Servers text box, enter a fully qualified domain name or IP address of the Windows domain controller server(s) from your organization.

No matter the method you choose, you need to restart the NTP service after every change in order for the changes to take effect.

Next Steps

How to set up server time synchronization on SUSE Linux Enterprise Server

Security issues caused by unsynchronized system clocks

Is there a better way to sync XP systems?

Dig Deeper on VMware how-tos