Ow yes, this can work fine.
AD-DC, time is given to the pc's over the AD. (not NTP directly)..
sure you can configure that, but i didnt.
Members, systemd-timedated used the AD-DC its NTP to sync.
Standalones ( i have 1, ) same.
The members dont need SNTP to sync time, only the AD-DC <=> Windows
And you can even overrule that, but im not doing that.
timedatectl show-timesync
SystemNTPServers="192.168.1.1 192.168.1.2"
Per example, this is the network config of my primary member server.
# /etc/systemd/network/30-bond1.network
[Match]
Name=bond1
[Network]
DHCP=no
IPv6PrivacyExtensions=no
IPv6AcceptRouterAdvertisements=no
LinkLocalAddressing=no
DNS=192.168.1.1
DNS=192.168.1.2
DNS=192.168.1.3
Domains=internal.domain.tld
# Time
NTP=192.168.1.1
NTP=192.168.1.2
NTP=192.168.1.3
[Address]
Address=192.168.1.11/24
[Route]
Destination=0.0.0.0/0
Gateway=192.168.1.200
So, i use systemd-networkd (DNS) , systemd-timesyncd (NTP),
And systemd-resolved can be used with Domains= so search is always correct.
This removed the need of some packages and less is better in my opinion.
But basicly its this script.
https://raw.githubusercontent.com/thctlo/debian-scripts/master/setup-systemd-networkd.sh
Questions, just ask.
(p.s. i just made this one, i suggest if you use systemd, have a look at it)
https://raw.githubusercontent.com/thctlo/debian-scripts/master/systemd-failure-notification.sh
If any service failes, you get email.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> Rowland Penny via samba
> Verzonden: dinsdag 12 oktober 2021 10:53
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Unable to join domain
>
> On Tue, 2021-10-12 at 09:01 +0200, L.P.H. van Belle via samba wrote:
> >
> >
> > > -----Oorspronkelijk bericht-----
> > > Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> > > Rowland Penny via samba
> > > Verzonden: maandag 11 oktober 2021 17:08
> > > Aan: samba at lists.samba.org
> > > Onderwerp: Re: [Samba] Unable to join domain
> > >
> > > On Mon, 2021-10-11 at 09:54 -0500, Patrick Goetz via samba wrote:
> > > > Maybe another thing to work on for the next release? <:)
> > > >
> > > > Or is there a technical reason why this isn't possible?
> > >
> > > It is because only ntp or chrony know anything about
'mssntp' and
> > > 'ntp_signd'
> > >
> > > > I've long ago
> > > > stopped installing ntp on anything under normal conditions,
> > > > since
> > > > systemd-timedated just works.
> > >
> > > 'systemd-timedated' only knows 'sntp' so you
cannot use
> it with AD.
> > > It
> > > isn't Samba that needs updating to use systemd-timedated, it
is
> > > systemd-timedated that needs updating to work with Samba AD.
> > >
> > > Rowland
> > >
> >
> > Samba-ad-dc use ntp
> > Samba members systemd-timedated works fine.
> >
> > Thats how i run it here.
>
> Then your workstations are not using the DC's as their time servers.
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
>