Alexei Rozenvaser
2018-Jun-07 12:25 UTC
[Samba] chrony configuration for secondary samba DC
It wasn't particularly Chrony related question. The question applies to Samba DC that not holds PDC emulator FSMO role with any NTP server. On Thu, Jun 7, 2018 at 12:12 PM Rowland Penny via samba <samba at lists.samba.org> wrote:> > On Thu, 7 Jun 2018 11:56:16 +0300 > Alexei Rozenvaser <alexei.roz at gmail.com> wrote: > > > DC that doesn't holding PDC emulator FSMO role should sync it's time > > with DC that holdings such role. Right? > > But I can understand how it works in case of samba DC without PDC > > emulator FSMO role and with NTP server configured according to > > https://wiki.samba.org/index.php/Time_Synchronisation#Set_up_the_ntpd.conf_File_on_a_DC > > . Doesn't it create conflict between samba potential to sync time with > > other PDC emulator DC and NTP sever that syncs with some external NTP > > pool? > > To be honest, I have never given this much thought, I normally just set > the DCs up identically and then get DHCP to send both DCs as time > servers to Unix machines. > > I have a draft chrony wikipage, but I need to understand more about > windows and time servers (I use Unix more than I use windows) before > adding it. > > Rowland > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba-- Alexei Rozenvaser
On Thu, 7 Jun 2018 15:25:18 +0300 Alexei Rozenvaser <alexei.roz at gmail.com> wrote:> It wasn't particularly Chrony related question. The question applies > to Samba DC that not holds PDC emulator FSMO role with any NTP server. > On Thu, Jun 7, 2018 at 12:12 PM Rowland Penny via sambaI wasn't entirely sure before, but I am now ;-) So the answer to your question is: Yes, all DCs should use the PDC emulator DC for their time server, but you should also add external time servers, just in case the PDC emulator falls over. Rowland
Alexei Rozenvaser
2018-Jun-07 12:50 UTC
[Samba] chrony configuration for secondary samba DC
OK. But according to my best knowledge so far: There is no automatic fall over of Single-Master roles in Windows Active Directory. You can only transfer or seize it. In other words all machines which AD members - always trying to sync their time with current PDC Emulator even if it is offline, unless you transfer or seize this role to other DC manually. On Thu, Jun 7, 2018 at 3:32 PM Rowland Penny via samba <samba at lists.samba.org> wrote:> > On Thu, 7 Jun 2018 15:25:18 +0300 > Alexei Rozenvaser <alexei.roz at gmail.com> wrote: > > > It wasn't particularly Chrony related question. The question applies > > to Samba DC that not holds PDC emulator FSMO role with any NTP server. > > On Thu, Jun 7, 2018 at 12:12 PM Rowland Penny via samba > > I wasn't entirely sure before, but I am now ;-) > > So the answer to your question is: Yes, all DCs should use the PDC > emulator DC for their time server, but you should also add external > time servers, just in case the PDC emulator falls over. > > Rowland > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba-- Alexei Rozenvaser