On Sun, 19 Jan 2025 17:51:54 +0100 Peter Milesson via samba <samba at lists.samba.org> wrote:> > > > On 19.01.2025 17:30, Sonic via samba wrote: > > When I first did a Samba upgrade to 4.19.3 on Debian Bookworm back > > in December of 2023 Chrony was working just fine for a natural > > domain time sync to the DC - no special config or GPO necessary. So > > after seeing this thread I decided to see what was different about > > my configuration that allowed it to work so seamlessly and I was > > shocked that it no longer does. I don't think it's a change in > > Chrony as I'm sure it's the same version that was installed back in > > 2023. So it's either a change in Samba (currently at 4.21.1 - > > Debian Backports) or a change in every Windows system on two > > different domains. Have there been any changes in Samba's code in > > this area since 4.19.3? > Hi Sonic, > > I posted here about time sync problems in August 2023, replacing ntpd > with chrony and got time sync working. Since then, there have been no > chrony updates in Debian Bookworm. Thus it seems to be a Samba > problem. > > Best regards, > > Peter > >I cannot get Chrony to work with MS-SNTP from a Windows client, now this could be a Samba problem, but I cannot test the probably fixed ntpsec, because the 'fix' is only available for the version of ntpsec in Trixie and I do not have a 'Trixie' DC and I am not willing to add one running a testing version of an OS. Anyone know the procedure to ask for a package to be backported ? Rowland
Op 20-01-2025 om 11:52 schreef Rowland Penny via samba:> On Sun, 19 Jan 2025 17:51:54 +0100 > Peter Milesson via samba <samba at lists.samba.org> wrote: > >> >> >> On 19.01.2025 17:30, Sonic via samba wrote: >>> When I first did a Samba upgrade to 4.19.3 on Debian Bookworm back >>> in December of 2023 Chrony was working just fine for a natural >>> domain time sync to the DC - no special config or GPO necessary. So >>> after seeing this thread I decided to see what was different about >>> my configuration that allowed it to work so seamlessly and I was >>> shocked that it no longer does. I don't think it's a change in >>> Chrony as I'm sure it's the same version that was installed back in >>> 2023. So it's either a change in Samba (currently at 4.21.1 - >>> Debian Backports) or a change in every Windows system on two >>> different domains. Have there been any changes in Samba's code in >>> this area since 4.19.3? >> Hi Sonic, >> >> I posted here about time sync problems in August 2023, replacing ntpd >> with chrony and got time sync working. Since then, there have been no >> chrony updates in Debian Bookworm. Thus it seems to be a Samba >> problem. >> >> Best regards, >> >> Peter >> >> > I cannot get Chrony to work with MS-SNTP from a Windows client, now > this could be a Samba problem, but I cannot test the probably fixed > ntpsec, because the 'fix' is only available for the version of ntpsec > in Trixie and I do not have a 'Trixie' DC and I am not willing to add > one running a testing version of an OS. Anyone know the procedure to > ask for a package to be backported ? > > RowlandIf you don't want to be dependent on the maintainer and get it quickly, you can checkout the debian source of ntpsec, take the version from Trixie. replace (some of) the dependencies with those of Bookworm and build the package. Debian's ntpsec versions: https://salsa.debian.org/debian/ntpsec/-/tags Check the dependency differences between release 1.2.3+dfsg1-3 (Trixie) and 1.2.2+dfsg1-1+deb12u1 (Bookworm). - Kees.> >
On Mon, Jan 20, 2025 at 5:53?AM Rowland Penny via samba < samba at lists.samba.org> wrote:> I cannot get Chrony to work with MS-SNTP from a Windows client, now > this could be a Samba problem.... >The reason I think it's a Samba issue is that it worked perfectly with 4.19.3 but no longer works with 4.21.1 (or 4.21.3). I guess it is possible that all of the Windows' systems were updated to some unworkable state but it would take setting up a test case with 4.19.3 to verify. I did try starting up an old copy at one site but the systems wouldn't let me logon, most likely the secrets changed and I didn't want to mess anything up further.