Web lists-archives.com

Re: [Samba] ntp and samba43 on FreeBSD-103.




On 02/07/2017 08:15 PM, Andrew Bartlett via samba wrote:
On Tue, 2017-02-07 at 13:06 -0500, James B. Byrne via samba wrote:
Recently we have been having a lot of trouble with time
synchronisation between our samba DC and the domain clients.  We are
not sure what started this issue since the Samba domain went live on
October 11, 2016 and the issues only began to surface this past
January but at some point the time on the clients and the DC diverged
enough that we began to get strange network errors.  Once we figured
out that these were caused by time divergence they were not so
strange, but to begin with they were most mysterious.

In any case, we have resolved most of these issues.  In dealing with
this I ran across
https://wiki.samba.org/index.php/Time_Synchronisation  which contains
this instruction:

Set up the ntpd.conf File on a DC
. . .
ntpsigndsocket  /usr/local/samba/var/lib/ntp_signd/

Now, on the FreeBSD host I see this instead:

# sockstat | grep ntp
root     ntpd       6229  3  dgram  -> /var/run/logpriv
root     ntpd       6229  20 udp6   *:123                 *:*
root     ntpd       6229  21 udp4   *:123                 *:*
root     ntpd       6229  22 udp4   192.168.8.65:123      *:*
root     ntpd       6229  23 udp6   ::1:123               *:*
root     ntpd       6229  24 udp6   fe80::1%lo0:123       *:*
root     ntpd       6229  25 udp4   127.0.0.1:123         *:*
root     samba      766   24 stream /var/run/samba4/ntp_signd/socket


So I altered /etc/ntp.conf as follows:

ntpsigndsocket  /var/run/samba4/ntp_signd/


However, as I have no idea what this does or how (or even if) al this
works I would like to have this setup explained to me.
Have you also set mssntp in the restrict line for your clients?

This is required to make it talk to the socket.

I hope this helps,

Andrew Bartlett
May I ask an off-topic question?

James, does saying "samba43" mean you installed this FreeBSD port or package? Which is known to crash during provisioning as DC. Did you find the solution to that issue?

Alnis

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba