[Samba] DC Time Problems
Ham
ham at kc0dxf.net
Wed Oct 25 16:53:07 UTC 2023
It appears that none of our windows clients are syncing their time with
the samba DC. From what I can tell they are not able to get a
response from the DC. For example, where the DC is named athena:
>w32tm /monitor /computers:athena
athena[10.10.1.10:123]
ICMP: 0ms delay
NTP: error ERROR_TIMEOUT - no response from server in 1000ms
From a Linux machine there is also no response:
ntpdate -q athena
24 Oct 16:47:41 ntpdate[33581]: no server suitable for
synchronization found
Here is the DC /etc/ntpsec/ntp.conf:
# Where to retrieve the time from
server 0.pool.ntp.org iburst prefer
server 1.pool.ntp.org iburst prefer
server 2.pool.ntp.org iburst prefer
driftfile /var/lib/ntpsec/ntp.drift
logfile /var/log/ntp.log
#logconfig =all
ntpsigndsocket /var/lib/samba/ntp_signd/
# Access control
# Default restriction: Allow clients only to query the time
#restrict default kod nomodify notrap nopeer limited mssntp
restrict -4 default kod limited nomodify notrap nopeer noquery mssntp
# No restrictions for "localhost"
restrict 127.0.0.1
# Enable the time sources to only provide time to this host
restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer
noquery
restrict 1.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer
noquery
restrict 2.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer
noquery
My DC is using Debian 11 and the Samba package from Debian.
Any ideas on what the problem is?
--
Ham
More information about the samba
mailing list