Hello everyone, I was trying to configure NTP server in my samba4 server but it's not working. I am using CentOS 6.3 (32 bit) for my samba4 server. I installed ntp using yum and the ntp version is 4.2.4 added this line in /etc/ntp.conf restrict mynet mssntp signdsocketdir /data/samba/samba4/prefix/var/run/ntp_signd/ and restarted the ntpd server but my clients are not syncing with the server time Then I removed ntp package using yum and installed the tar package of ntp from ntp.org version 4.2.6 and compiled using --enable-ntp-signd but after this I am not sure what to do as I don't see any ntp.conf. Can anyone please tell me what am I suppose to do now?
On Sat, Aug 4, 2012 at 6:25 AM, deepak prasad <deep27ak at yahoo.com> wrote:> Hello everyone, > > I was trying to configure NTP server in my samba4 server but it's not working. I am using CentOS 6.3 (32 bit) for my samba4 server. > > I installed ntp using yum and the ntp version is 4.2.4 > > > added this line in /etc/ntp.conf > restrict mynet mssntp > signdsocketdir /data/samba/samba4/prefix/var/run/ntp_signd/ > > and restarted the ntpd server but my clients are not syncing with the server time > > Then I removed ntp package using yum and installed the tar package of ntp from ntp.org version 4.2.6 and compiled using > --enable-ntp-signd > > but after this I am not sure what to do as I don't see any ntp.conf. > Can anyone please tell me what am I suppose to do now?Stop there. There's historically been no good reason for NTP to be a signed service, especially if you're restricting NTP services to a local VLAN anyway. Start with it *unsigned*, and turn off the restrictions. \verify that it's up with tools like "ntpdc -l", and verify that ntptrace to the localhost and to the remotely designated NTP servers is working correctly. Simply slapping in a more recent version hand-built may work, but it's not a production grade solution. That 'signdsocketdir' option is not in the documentation for the NTP 4.2.4. Do you actually need that feature for sme reason?
On Sun, Aug 5, 2012 at 11:45 PM, deepak prasad <deep27ak at yahoo.com> wrote:> Yes I believe so because I think there should be only 5 min of changes > between the server time and client machine and if the time gap is more my > clients do not get internet connection, it seems my named server doesnot > work for them and when I fix the date once again the nameserver starts > working so I thought building a NTP server would be a good ideaNTP is great. I agree with your implicit assumption that using a good NTP service is helpful for Samba: The Kerberos authentication necessary Active Directory style authentication is a vital component of modern Samba. and it most definitely relies on a good time service to keep remote hosts in sync. But it's the requirement for a *signed* NTP service that I'm doubting. But your remote site, and yours should be able to use publicly available NTP services. unless you really have some compelling need to keep your NTP service completely private.
On Sat, 2012-08-04 at 18:25 +0800, deepak prasad wrote:> Hello everyone, > > I was trying to configure NTP server in my samba4 server but it's not working. I am using CentOS 6.3 (32 bit) for my samba4 server. > > I installed ntp using yum and the ntp version is 4.2.4 > > > added this line in /etc/ntp.conf > restrict mynet mssntp > signdsocketdir /data/samba/samba4/prefix/var/run/ntp_signd/Is this really your Samba4 prefix? It looks suspiciously like mine, but did you really install Samba4 there? Find where the ntp_signd folder is on your system, and point it at that. If you run ntpd as group 'ntp' ensure that the folder also is GROUP owned by 'ntp'. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org