NTP Configuration [Was: Re: A successful Samba 4 deployment]

Christopher R. Hertel crh at ubiqx.mn.org
Thu Dec 2 13:42:49 MST 2010

Does Windows use NTP or SNTP protocol?

Mark Rutherford wrote:
> I never got it to work personally.
> If anyone has better luck with this I would love to hear it.
> My Windows clients do not appear to be sending the requests in a format
> the NTP daemon thinks it should sign.
> So the NTP daemon sends back an unsigned reply, from what I can tell.
> I just have not had time to sit there with a debugger to see what it's
> doing.
> On 12/2/2010 3:23 PM, Adam Tauno Williams wrote:
>> On Thu, 2010-11-11 at 05:27 -0500, Mark Rutherford wrote:
>>> The version in Debian Lenny does not appear to be compiled with
>>> --enable-ntp-signd so your
>>> going to have to compile it yourself.
>>> I was looking at the patch supplied to the NTP developers for clues and
>>> found a lot:
>>> https://support.ntp.org/bugs/show_bug.cgi?id=1028
>>> Putting ntpd in debug I never appear to get into send_via_ntp_signd() so
>>> I fear that I will be sitting here
>>> with wireshark, gdb and a Windows box unless anyone has a clue how my
>>> clients could be misconfigured?
>>> Is...
>>> w32tm /resync /rediscover
>>> the proper way to get a windows client to query the domain controller
>>> for time?
>>> When I do this I can see the ntp server getting the request, so it does
>>> something.
>> Are there any required steps to integrating NTP&  Samba4?  The Samba4
>> howto does not mention time service at all.  The suggested configuration
>> below declares the path "/data/samba/samba4/prefix/var/run/ntp_signd/";
>> does Samba4 need to be informed of the NTP socket's path in some manner
>> (smb.conf directive?)?
>> <ASIDE>I have a compatible NTP running on openSUSE 11.3 from the repo @
>> http://download.opensuse.org/repositories/home:/namtrac/openSUSE_11.3/
>> openSUSE has a bug for this issue [proper version of NTP]
>> <https://bugzilla.novell.com/show_bug.cgi?id=657194>
>> </ASIDE>
>>> On 11/9/2010 2:45 PM, Andrew Bartlett wrote:
>>>> On Tue, 2010-11-09 at 11:00 -0500, Mark Rutherford wrote:
>>>>> We have been running for almost 2 weeks now without any major
>>>>> problems.
>>>>> All the problems I have encountered have been minor and fixed fairly
>>>>> quickly.
>>>>> The second issue has been time on clients.
>>>>> I have ntpd running on the DC but windows clients just throw event
>>>>> logs
>>>>> about not being able to get time from the domain controller for the
>>>>> last 8 times, etc etc.
>>>>> I have read some places that Windows uses sntp instead of ntp so I am
>>>>> not really sure about what I should be doing.
>>>> They are essentially the same protocol for PC-level clients, and they
>>>> use real NTP now anyway.
>>>> You need to install a current version of the ntp server, and have it
>>>> compiled with the options to know to talk to samba.  (compile ntp with
>>>> the --enable-ntp-signd configure option or use current debian or
>>>> ubuntu).
>>>> in the ntp.conf you need (from memory)
>>>> restrict mynet mssntp
>>>> signdsocketdir /data/samba/samba4/prefix/var/run/ntp_signd/

"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org

More information about the samba-technical mailing list