FreeBSD-12.1p7
Samab-4.10.15 running in FreeBSD Jail
I just wish to ensure that my conclusion respecting Samba, FreeBSD Jails, and
NTP is correct.
1. Unless configured otherwise Windows domain clients will query and obtain
their time from the samba_server DC.
2. Samba_server obtains its time from the OS, in this case a FreeBSD Jail.
3. FreeBSD Jails get their time from their host.
4. If the host is running ntpd then this has the same effect as if ntpd was
running alongside the samba_server.
Is this reasoning correct?
--
*** e-Mail is NOT a SECURE channel ***
Do NOT transmit sensitive data via e-Mail
Unencrypted messages have no legal claim to privacy
Do NOT open attachments nor follow links sent by e-Mail
James B. Byrne mailto:ByrneJB at Harte-Lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
On 30/07/2020 22:00, James B. Byrne via samba wrote:> FreeBSD-12.1p7 > Samab-4.10.15 running in FreeBSD Jail > > > I just wish to ensure that my conclusion respecting Samba, FreeBSD Jails, and > NTP is correct. > > 1. Unless configured otherwise Windows domain clients will query and obtain > their time from the samba_server DC. > > 2. Samba_server obtains its time from the OS, in this case a FreeBSD Jail. > > 3. FreeBSD Jails get their time from their host. > > 4. If the host is running ntpd then this has the same effect as if ntpd was > running alongside the samba_server. > > Is this reasoning correct?We have a wikipage about this: https://wiki.samba.org/index.php/Time_Synchronisation You just need to adapt it for Freebsd jails ;-) Rowland
On 7/30/20 5:00 PM, James B. Byrne via samba wrote:> FreeBSD-12.1p7 > Samab-4.10.15 running in FreeBSD Jail > > > I just wish to ensure that my conclusion respecting Samba, FreeBSD Jails, and > NTP is correct. > > 1. Unless configured otherwise Windows domain clients will query and obtain > their time from the samba_server DC. > > 2. Samba_server obtains its time from the OS, in this case a FreeBSD Jail. > > 3. FreeBSD Jails get their time from their host. > > 4. If the host is running ntpd then this has the same effect as if ntpd was > running alongside the samba_server. > > Is this reasoning correct? > >Yeah. I think it is OK, I run Samba DCs on Linux containers. I don't run the NTP server on the container, It is running on the host, but it is configured to read the Samba provided socket for signing the time (as Roland pointed to you to https://wiki.samba.org/index.php/Time_Synchronisation) Make sure that the host NTP server is bound to the same IP (in addition of any other you want) where you are exposing the Samba DC server container. For example if my host has IP address of 192.168.100.10 and I expose the Samba DC container with 192.168.100.11. then I have to make sure the NTP server is bound to 192.168.100.11 and not only to the host IP.