Marcio Demetrio Bacci
2020-Aug-04 17:17 UTC
[Samba] Time synchronization issues in Samba 4
Hi, I configured my NTP server in samba 4 according to the article " https://wiki.samba.org/index.php/Time_Synchronisation" however I verified that the NTP server does not respond to requests from Windows NTPv3 clients, it only responds to NTPv4. Following my ntp.conf: # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help driftfile /var/lib/ntp/ntp.drift # Enable this if you want statistics to be logged. #statsdir /var/log/ntpstats/ statistics loopstats peerstats clockstats filegen loopstats file loopstats type day enable filegen peerstats file peerstats type day enable filegen clockstats file clockstats type day enable # Local clock. Note that is not the "localhost" address! server 127.127.1.0 version 3 fudge 127.127.1.0 stratum 10 # You do need to talk to an NTP server or two (or three). #server ntp.your-provider.example # pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will # pick a different set every time it starts up. Please consider joining the # pool: <http://www.pool.ntp.org/join.html> server a.st1.ntp.br iburst prefer server b.st1.ntp.br iburst prefer driftfile /var/lib/ntp/ntp.drift logfile /var/log/ntp ntpsigndsocket /var/lib/samba/ntp_signd/ # Access control # Default restriction: Allow clients only to query the time restrict default kod nomodify notrap nopeer mssntp # No restrictions for "localhost" restrict 127.0.0.1 # Enable the time sources to only provide time to this host restrict a.st1.ntp.br mask 255.255.255.255 nomodify notrap nopeer noquery restrict b.st1.ntp.br mask 255.255.255.255 nomodify notrap nopeer noquery can anybody help me? Regards, M?rcio Bacci
I use systemd-timesyncd to sync time with the rest of the internet. Then, I use ntpd to allow my samba4 dc to share it's time with joined domain members. Most likely my ntpd.conf is horribly insecure and broken, but it's what I was able to figure out. /etc/ntpd.conf: # This bizarre rule makes ntp fall back to reading from the # bios clock if no network connection is available. server 127.127.1.0 fudge 127.127.1.0 stratum 10 # Access control # Default restriction: Allow clients only to query the time restrict default nomodify notrap nopeer mssntp # No restrictions for "localhost" restrict 127.0.0.1 # Storage driftfile /var/lib/ntp/ntp.drift logfile/var/log/ntp ntpsigndsocket /var/lib/samba/ntp_signd On Tue, Aug 4, 2020 at 12:18 PM Marcio Demetrio Bacci via samba < samba at lists.samba.org> wrote:> Hi, > > I configured my NTP server in samba 4 according to the article " > https://wiki.samba.org/index.php/Time_Synchronisation" however I verified > that the NTP server does not respond to requests from Windows NTPv3 > clients, it only responds to NTPv4. > > Following my ntp.conf: > > # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help > driftfile /var/lib/ntp/ntp.drift > # Enable this if you want statistics to be logged. > #statsdir /var/log/ntpstats/ > statistics loopstats peerstats clockstats > filegen loopstats file loopstats type day enable > filegen peerstats file peerstats type day enable > filegen clockstats file clockstats type day enable > # Local clock. Note that is not the "localhost" address! > server 127.127.1.0 version 3 > fudge 127.127.1.0 stratum 10 > # You do need to talk to an NTP server or two (or three). > #server ntp.your-provider.example > # pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server > will > # pick a different set every time it starts up. Please consider joining > the > # pool: <http://www.pool.ntp.org/join.html> > server a.st1.ntp.br iburst prefer > server b.st1.ntp.br iburst prefer > driftfile /var/lib/ntp/ntp.drift > logfile /var/log/ntp > ntpsigndsocket /var/lib/samba/ntp_signd/ > # Access control > # Default restriction: Allow clients only to query the time > restrict default kod nomodify notrap nopeer mssntp > # No restrictions for "localhost" > restrict 127.0.0.1 > # Enable the time sources to only provide time to this host > restrict a.st1.ntp.br mask 255.255.255.255 nomodify notrap nopeer > noquery > restrict b.st1.ntp.br mask 255.255.255.255 nomodify notrap nopeer > noquery > > can anybody help me? > > > Regards, > > M?rcio Bacci > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
On 04/08/2020 18:17, Marcio Demetrio Bacci via samba wrote:> Hi, > > I configured my NTP server in samba 4 according to the article " > https://wiki.samba.org/index.php/Time_Synchronisation" however I verified > that the NTP server does not respond to requests from Windows NTPv3 > clients, it only responds to NTPv4.Would these NTPv3 clients be XP ? Rowland
On 04/08/2020 18:59, Michael Jones via samba wrote:> I use systemd-timesyncd to sync time with the rest of the internet.This is not supported by Samba> > Then, I use ntpd to allow my samba4 dc to share it's time with joined > domain members. > > Most likely my ntpd.conf is horribly insecure and broken, but it's what I > was able to figure out. > > /etc/ntpd.conf: > > # This bizarre rule makes ntp fall back to reading from the > # bios clock if no network connection is available. > server 127.127.1.0 > fudge 127.127.1.0 stratum 10 > > # Access control > # Default restriction: Allow clients only to query the time > restrict default nomodify notrap nopeer mssntp > > # No restrictions for "localhost" > restrict 127.0.0.1 > > # Storage > driftfile /var/lib/ntp/ntp.drift > logfile/var/log/ntp > ntpsigndsocket /var/lib/samba/ntp_signd >You do not seem to have set any external ntp servers. Rowland