[Samba] Samba4 Windows Client Time Sync Issue

Rowland Penny rpenny at samba.org
Mon Jun 26 16:11:24 UTC 2023 


On 26/06/2023 16:10, Marco Shmerykowsky PE via samba wrote:
> On 6/24/2023 5:23 PM, Andrey Repin wrote:
>> Hello Marco Shmerykowsky PE,
>>
>> Friday, June 23, 2023, 6:32:38 PM, you wrote:
>>
>>> I just realized that some of my Windows 10 clients do
>>> not appear to be syncing the time correctly.
>>
>>> I setup NTP to run on my Netgate PFSense server.  It is
>>> using pfsense.pool.ntp.org Time Servers.  I configured NTP
>>> on my Samba servers to point to back to the PFSense Server.
>>
>>> NTP on the samba servers have the following ntp.conf files:
>>
>>> # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
>>
>>> driftfile /var/lib/ntp/ntp.drift
>>
>>> statistics loopstats peerstats clockstats
>>> filegen loopstats file loopstats type day enable
>>> filegen peerstats file peerstats type day enable
>>> filegen clockstats file clockstats type day enable
>>
>>> server PFSENSE-SERVER iburst
>>
>> Write full DNS name here for clarity, or use IP address if name 
>> resolution
>> could fail.
>>
>>> restrict -4 default kod notrap nomodify nopeer noquery limited
>>> restrict -6 default kod notrap nomodify nopeer noquery limited
>>
>>> restrict 127.0.0.1
>>> restrict ::1
>>
>>> restrict source notrap nomodify noquery
>>
>>> Should this be working? If not what should I be correcting?
>>
>> For win10 clients, reset and restart w32tm service.
>>
>> w32tm /unregister
>> w32tm /register
>> w32tm /config ...
>>
>>
> 
> The ip address is specified in the config files.
> I just "redacted" it for the post.
> 
> The win32tm commands above didn't change anything.  The client computers
> that are not syncing report "Local CMOS Clock" in response to the
> command "w32tm /query /source".  The machines where the clock is
> syncing report:
> 
> ip_address_of_NTP_Server,0x9
> 
> Another point.  The Samba wiki notes to set
> 
> ntpsigndsocket /usr/local/samba/var/lib/ntp_signd/
> 
> in the ntp.conf file.  I don't have that line in the config files, but
> 'netstat -xpln|grep signd' des return something:
> 
> unix  2      [ ACC ]     STREAM     LISTENING     106800290 32101/samba: 
> task[n  /var/lib/samba/ntp_signd/socket
> 
> 

Your clients should be using a DC as their time server and the DC's 
could then use your netgate appliance.

You might want to read this:

https://wiki.samba.org/index.php/Time_Synchronisation

Rowland

More information about the samba mailing list