I'm not sure this particular AD is acting properly as a time service. The socket "/usr/local/samba/var/lib/ntp_signd/socket" exists with proper permissions but I see a lot of time sync errors in my clients. This case being that the Samba AD is running in a LXC and the container itself doesn't need ntpd running as its time is always the same as the host's time (which is running ntpd). Does the Samba4 AD actually need ntpd running in the same container as itself in order to be a time service? Thanks.
On Tue, 2018-01-30 at 09:26 -0500, Sonic via samba wrote:> I'm not sure this particular AD is acting properly as a time service. > > The socket "/usr/local/samba/var/lib/ntp_signd/socket" exists with > proper permissions but I see a lot of time sync errors in my clients. > > This case being that the Samba AD is running in a LXC and the > container itself doesn't need ntpd running as its time is always the > same as the host's time (which is running ntpd). > > Does the Samba4 AD actually need ntpd running in the same container as > itself in order to be a time service?Yes, or else you need to somehow connect ntpd to Samba, as otherwise you can't configure the Samba authentication mode. Andrew Bartlett -- Andrew Bartlett https://samba.org/~abartlet/ Authentication Developer, Samba Team https://samba.org Samba Development and Support, Catalyst IT https://catalyst.net.nz/services/samba
Thanks much! Was what I was suspecting. On Wed, May 2, 2018 at 6:56 PM, Andrew Bartlett <abartlet at samba.org> wrote:> On Tue, 2018-01-30 at 09:26 -0500, Sonic via samba wrote: >> I'm not sure this particular AD is acting properly as a time service. >> >> The socket "/usr/local/samba/var/lib/ntp_signd/socket" exists with >> proper permissions but I see a lot of time sync errors in my clients. >> >> This case being that the Samba AD is running in a LXC and the >> container itself doesn't need ntpd running as its time is always the >> same as the host's time (which is running ntpd). >> >> Does the Samba4 AD actually need ntpd running in the same container as >> itself in order to be a time service? > > Yes, or else you need to somehow connect ntpd to Samba, as otherwise > you can't configure the Samba authentication mode. > > Andrew Bartlett > > -- > Andrew Bartlett > https://samba.org/~abartlet/ > Authentication Developer, Samba Team https://samba.org > Samba Development and Support, Catalyst IT > https://catalyst.net.nz/services/samba > > > >