Web lists-archives.com

Re: [Samba] ntp and samba43 on FreeBSD-103.




On Tue, 2017-02-07 at 13:06 -0500, James B. Byrne via samba wrote:
> Recently we have been having a lot of trouble with time
> synchronisation between our samba DC and the domain clients.  We are
> not sure what started this issue since the Samba domain went live on
> October 11, 2016 and the issues only began to surface this past
> January but at some point the time on the clients and the DC diverged
> enough that we began to get strange network errors.  Once we figured
> out that these were caused by time divergence they were not so
> strange, but to begin with they were most mysterious.
> 
> In any case, we have resolved most of these issues.  In dealing with
> this I ran across
> https://wiki.samba.org/index.php/Time_Synchronisation  which contains
> this instruction:
> 
> Set up the ntpd.conf File on a DC
> . . .
> ntpsigndsocket  /usr/local/samba/var/lib/ntp_signd/
> 
> Now, on the FreeBSD host I see this instead:
> 
> # sockstat | grep ntp
> root     ntpd       6229  3  dgram  -> /var/run/logpriv
> root     ntpd       6229  20 udp6   *:123                 *:*
> root     ntpd       6229  21 udp4   *:123                 *:*
> root     ntpd       6229  22 udp4   192.168.8.65:123      *:*
> root     ntpd       6229  23 udp6   ::1:123               *:*
> root     ntpd       6229  24 udp6   fe80::1%lo0:123       *:*
> root     ntpd       6229  25 udp4   127.0.0.1:123         *:*
> root     samba      766   24 stream /var/run/samba4/ntp_signd/socket
> 
> 
> So I altered /etc/ntp.conf as follows:
> 
> ntpsigndsocket  /var/run/samba4/ntp_signd/
> 
> 
> However, as I have no idea what this does or how (or even if) al this
> works I would like to have this setup explained to me.

Have you also set mssntp in the restrict line for your clients?

This is required to make it talk to the socket.

I hope this helps,

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba