On Sat Feb 10 17:05:46 2024 Mark Foley via samba <samba at lists.samba.org> wrote:> On Sat Feb 10 15:31:47 2024 Sonic <sonicsmith at gmail.com> wrote: > > On Sat, Feb 10, 2024 at 2:20?PM Mark Foley via samb<samba at lists.samba.org> wrote: > > Does chrony have to be built in some special way to enable ntp-signd? > > Needs to be configured with "--enable-ntp-signd". > > > I may have to build from sources. I downloaded from the SlackBuilds repo and > > have no idea how it was built. Is there an option to chronyd to list build > > options? I didn't see one in the manpage.YAAAAAAAY! Finally! I have my Windows domain members syncing with the DC!!! Thanks to all who helped on this issue. Thanks in particular to luis whose advice to 'tcpdump -v -i eth0 port 123' gave me the clue I needed to carry on, which showed that my time server program(s) were not replying to the Windows signd queries. The need for signd was not new to me. I built ntpd from source 10 years ago with --enable-ntp-signd and that worked fine. I thought I had done this on the new DC as well, several times in fact, but either the 'make install' messed up or I messed something up (probably the latter) and it just wouldn't work. On the advice of many I installed chrony from the SlackBuilds repo, but that build was not enabled for ntp-signd. Finally I downloaded the chrony 4.5 source tarball from https://chrony-project.org/download.html and built it with: ./configure --prefix=/sbin --with-user=chrony --mandir=/usr/man --enable-ntp-signd. Thanks to Chris "Sonic" who gave me the --enable-ntp-signd option. That wasn't mentioned in the INSTALL file (although was in the list in the configure script comments). That worked! My Windows computers now have: w32tm /query /source mail.hprs.local Again, thanks to all for your help and patience. --Mark
Luis Peromarta
2024-Feb-11 07:05 UTC
[Samba] Joining Windows 10 Domain Member to Samba AD/DC
Congratulations. Happy to hear you got it running. Just out of curiosity and apologies if this has been answered before, but why Slack and not Debian when general consensus is Debian is great for Samba ? Building a Samba AD on Debian is painless and takes 20m from start to finish. Anyway, glad you sort it. LP. On 11 Feb 2024 at 05:11 +0100, Mark Foley <mfoley at novatec-inc.com>, wrote:> > YAAAAAAAY! Finally! I have my Windows domain members syncing with the DC!!!