Web lists-archives.com

[Samba] Chrony (tested on Debian9/ubuntu 18.04)




He Rowland/list,

Not that im pro chrony, i still preffer ntp.

If everybody with an os below test this, and report back like below, then all settings are findable through the list. 

Please review / check it. 


Requirements, chrony 3.x+, this is depends on distro version. 
Debian 9 : 3.0		checked - done - OK 
Ubuntu 17.10 : 3.1
Ubuntu 18.04 : 3.2	checked - done - OK
Fedora 26 : 3.2
Mageia Cauldron : 3.3
Centos 7.5 : 3.2
openSuse 15 : 3.2

################################################################
Below is tested on Debian 9 and Ubuntu 18.04:

apt-get install chrony
# Install and cleanup ntp is apt-get install chrony --autoremove
chgrp "_chrony"  /var/lib/samba/ntp_signd

Add the following at the end of /etc/chrony/chrony.conf 

echo "
#(optional : bindaddress 192.168.1.1 of the FQDN of the AD DC)
ntpsigndsocket /var/lib/samba/ntp_signd

#(optional allow/deny in order of processing) 
#allow 192.168.1.0/24
# or set more allow/deny. Watch the order ( top to bottem )!
#allow 192.168.1.2
#deny 192.168.1
#allow 192.168.2"
>> /etc/chrony/chrony.conf

editor /etc/chrony/chrony.conf
And set your own timeservers. 
Format: server your.time.server.tld iburst 

systemctl restart chrony
systemctl restart samba-ad-dc 

And check chrony time with : 
chronyc tracking
################################################################


Reboot a pc, login and check time via event log messages. 

For the list members, sofare it looks like its no problem if you run chrony and ntp on different servers.
Atm im now my DC1 with chrony and DC2 with ntp. 

Important note here is you must set the source servers manualy. 
If you use pool server, these can rotate and can give a out of sync in your time. 
So do set a close (stratum 1 public NTP) server.


Greetz, 

Louis


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba