[Samba] Time sync
L.P.H. van Belle
belle at bazuin.nl
Mon Feb 10 00:41:40 MST 2014
Hai,
Here is the way to setup Time in AD .
http://blogs.technet.com/b/nepapfe/archive/2013/03/01/it-s-simple-time-configuration-in-active-directory.aspx
If above don't work, a dirty trick is to give the "Domain users" accesss on the registry key for Time
i didnt test this with windows 7, but for xp this works.
Gr.
Louis
Van: Sandbox [mailto:sandboxheh at gmail.com]
Verzonden: maandag 10 februari 2014 8:08
Aan: L.P.H. van Belle; samba at lists.samba.org
Onderwerp: Re: [Samba] Time sync
Hi,
I tried everything as admin.
w32tm /query /peers gives a response:
Partners: 1
domainc02.zirc.tak.lan
Status: Active
Remaining time: 553.2830765s
Mode: 3 (not specified)
Stratum: 0
Query time: 0 (not specified)
Station query time: 10 (1024s)
2014-02-07 15:03 GMT+01:00 L.P.H. van Belle <belle at bazuin.nl>:
what your saying is correct.
Permission denied 0x8007005 is correct, if you did run it as "User"
Your "users" are no admin, and you need to do this as adminsitrator ( or member of admin group )
test it as adminstrator.
( of temporarly add a user to "Domain Admin" and try again.
what does : w32tm /query /peers says when run as Administrator?
>-----Oorspronkelijk bericht-----
>Van: sandboxheh at gmail.com
>[mailto:samba-bounces at lists.samba.org] Namens Sandbox
>Verzonden: vrijdag 7 februari 2014 14:48
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Time sync
>
>Hy Guys,
>
>
>My samba version: 4.0.13
>ntp version: 4.2.6p3
>Ubuntu 12.04.3 LTS
>
>I have a weird problem, I sat up the time service via
>https://wiki.samba.org/index.php/Configure_NTP
>
>On the servers I have no firewall.
>This port is open when i check with nmap, ntp runs.
>
>Looks like all of my Windows 7 clients works fine but w32tm
>/resync says
>Permission denied 0x8007005, so not that good :)
>
>Windows XP, Windows 2003 server machines could not syncronize,
>my logs are
>full of w32tm error messages. eg: can't find any suitable time
>server, or
>the time server is not answered for X tries ...
>
>When i try to run w32tm /resync it says, cant find any time server, but
>when i run w32tm /monitor it shows all 3 domain servers
>
>If I run tcpdump 0 package reach the server with the w32tm
>/resync command,
>if i run w32tm /monitor command the packages shown on the
>server as you can
>see below:
>
>DOMAINC01 tcpdump:
>
>root at domainc01:/etc# tcpdump 'udp port 123' -v
>tcpdump: listening on eth0, link-type EN10MB (Ethernet),
>capture size 65535
>bytes
>14:34:05.797192 IP (tos 0x0, ttl 128, id 21522, offset 0, flags [none],
>proto UDP (17), length 76)
> 10.48.16.29.49352 > domainc01.zirc.tak.lan.ntp: NTPv1, length 48
> Client, Leap indicator: (0), Stratum 0 (unspecified), poll 0s,
>precision 0
> Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID:
>(unspec)
> Reference Timestamp: 0.000000000
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768998.104618303
>(2014/02/07 14:36:38)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768998.104618303
>(2014/02/07 14:36:38)
>14:34:05.797337 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc01.zirc.tak.lan.ntp > 10.48.16.29.49352: NTPv1, length 48
> Server, Leap indicator: (0), Stratum 13 (secondary reference),
>poll 3s, precision -20
> Root Delay: 0.000000, Root dispersion: 7.947891, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768819.036704674
>(2014/02/07 14:33:39)
> Originator Timestamp: 3600768998.104618303
>(2014/02/07 14:36:38)
> Receive Timestamp: 3600768845.797192633
>(2014/02/07 14:34:05)
> Transmit Timestamp: 3600768845.797325670
>(2014/02/07 14:34:05)
> Originator - Receive Timestamp: -152.307425647
> Originator - Transmit Timestamp: -152.307292610
>14:34:45.036688 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc01.zirc.tak.lan.ntp > 10.48.16.254.ntp: NTPv4, length 48
> Client, Leap indicator: (0), Stratum 13 (secondary reference),
>poll 6s, precision -20
> Root Delay: 0.000000, Root dispersion: 3.947769, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768883.036675784
>(2014/02/07 14:34:43)
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768885.036673054
>(2014/02/07 14:34:45)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768885.036673054
>(2014/02/07 14:34:45)
>14:34:46.036698 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc01.zirc.tak.lan.ntp > 10.48.0.0.ntp: NTPv4, length 48
> Broadcast, Leap indicator: (0), Stratum 13 (secondary
>reference),
>poll 6s, precision -20
> Root Delay: 0.000000, Root dispersion: 3.947784, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768883.036675784
>(2014/02/07 14:34:43)
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768886.036677435
>(2014/02/07 14:34:46)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768886.036677435
>(2014/02/07 14:34:46)
>
>DOMAINC02 tcpdump:
>
>root at domainc02:/var/log# tcpdump 'udp port 123' -v
>tcpdump: listening on eth0, link-type EN10MB (Ethernet),
>capture size 65535
>bytes
>14:33:52.297447 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc02.zirc.tak.lan.ntp > 10.48.16.254.ntp: NTPv4, length 48
> Client, Leap indicator: (0), Stratum 13 (secondary reference),
>poll 6s, precision -20
> Root Delay: 0.000000, Root dispersion: 7.947509, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768831.297442376
>(2014/02/07 14:33:51)
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768832.297414183
>(2014/02/07 14:33:52)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768832.297414183
>(2014/02/07 14:33:52)
>14:33:53.297425 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc02.zirc.tak.lan.ntp > 10.48.0.0.ntp: NTPv4, length 48
> Broadcast, Leap indicator: (0), Stratum 13 (secondary
>reference),
>poll 6s, precision -20
> Root Delay: 0.000000, Root dispersion: 7.947525, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768831.297442376
>(2014/02/07 14:33:51)
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768833.297407180
>(2014/02/07 14:33:53)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768833.297407180
>(2014/02/07 14:33:53)
>14:34:11.782722 IP (tos 0x0, ttl 128, id 21523, offset 0, flags [none],
>proto UDP (17), length 76)
> 10.48.16.29.49353 > domainc02.zirc.tak.lan.ntp: NTPv1, length 48
> Client, Leap indicator: (0), Stratum 0 (unspecified), poll 0s,
>precision 0
> Root Delay: 0.000000, Root dispersion: 0.000000, Reference-ID:
>(unspec)
> Reference Timestamp: 0.000000000
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768998.104618303
>(2014/02/07 14:36:38)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768998.104618303
>(2014/02/07 14:36:38)
>14:34:11.782851 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc02.zirc.tak.lan.ntp > 10.48.16.29.49353: NTPv1, length 48
> Server, Leap indicator: (0), Stratum 13 (secondary reference),
>poll 3s, precision -20
> Root Delay: 0.000000, Root dispersion: 7.947799, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768831.297442376
>(2014/02/07 14:33:51)
> Originator Timestamp: 3600768998.104618303
>(2014/02/07 14:36:38)
> Receive Timestamp: 3600768851.782722771
>(2014/02/07 14:34:11)
> Transmit Timestamp: 3600768851.782839119
>(2014/02/07 14:34:11)
> Originator - Receive Timestamp: -146.321895509
> Originator - Transmit Timestamp: -146.321779191
>14:34:57.297430 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc02.zirc.tak.lan.ntp > 10.48.16.254.ntp: NTPv4, length 48
> Client, Leap indicator: (0), Stratum 13 (secondary reference),
>poll 6s, precision -20
> Root Delay: 0.000000, Root dispersion: 3.947769, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768895.297423839
>(2014/02/07 14:34:55)
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768897.297415852
>(2014/02/07 14:34:57)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768897.297415852
>(2014/02/07 14:34:57)
>14:34:58.297434 IP (tos 0xc0, ttl 64, id 0, offset 0, flags
>[DF], proto UDP
>(17), length 76)
> domainc02.zirc.tak.lan.ntp > 10.48.0.0.ntp: NTPv4, length 48
> Broadcast, Leap indicator: (0), Stratum 13 (secondary
>reference),
>poll 6s, precision -20
> Root Delay: 0.000000, Root dispersion: 3.947784, Reference-ID:
>127.127.1.0
> Reference Timestamp: 3600768895.297423839
>(2014/02/07 14:34:55)
> Originator Timestamp: 0.000000000
> Receive Timestamp: 0.000000000
> Transmit Timestamp: 3600768898.297414481
>(2014/02/07 14:34:58)
> Originator - Receive Timestamp: 0.000000000
> Originator - Transmit Timestamp: 3600768898.297414481
>(2014/02/07 14:34:58)
>
>
>10.48.16.254 is my "reference" time server.
>
>net time command runs succesfully
>
>
>MY NTP.CONF:
>
>---------------------------------------------------------
># /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
>
>####SAMBA4 CONF###
>ntpsigndsocket /opt/samba4/var/lib/ntp_signd/
>restrict default mssntp
>logfile /var/log/ntp.log
>server 127.127.1.0
>fudge 127.127.1.0 stratum 12
>driftfile /var/lib/ntp/ntp.drift
>
># Enable this if you want statistics to be logged.
>statsdir /var/log/ntpstats/
>statistics loopstats peerstats clockstats
>filegen loopstats file loopstats type day enable
>filegen peerstats file peerstats type day enable
>filegen clockstats file clockstats type day enable
># Specify one or more NTP servers.
># Use servers from the NTP Pool Project. Approved by Ubuntu
>Technical Board
># on 2011-02-08 (LP: #104525). See
>http://www.pool.ntp.org/join.html for
># more information.
>#server 0.ubuntu.pool.ntp.org
>#server 1.ubuntu.pool.ntp.org
>#server 2.ubuntu.pool.ntp.org
>#server 3.ubuntu.pool.ntp.org
># Use Ubuntu's ntp server as a fallback.
>#server ntp.ubuntu.com
>server 10.48.16.254
>#server 172.21.2.17 iburst prefer
>#server 172.24.15.123 #takinfo kulvilag fele szinkronizalo szerver
>
>#peer 10.48.16.151
>#peer 10.48.16.152
>#peer 10.48.16.153
># Access control configuration; see
>/usr/share/doc/ntp-doc/html/accopt.html
>for
># details. The web page <
>http://support.ntp.org/bin/view/Support/AccessRestrictions>
># might also be helpful.
>#
># Note that "restrict" applies to both servers and clients, so a
>configuration
># that might be intended to block requests from certain
>clients could also
>end
># up blocking replies from your own upstream servers.
># By default, exchange time with everybody, but don't allow
>configuration.
>restrict -4 default kod notrap nomodify nopeer noquery
>restrict -6 default kod notrap nomodify nopeer noquery
># Local users may interrogate the ntp server more closely.
>restrict 127.0.0.1
>restrict ::1
># Clients from this (example!) subnet have unlimited access,
>but only if
># cryptographically authenticated.
>#restrict 192.168.123.0 mask 255.255.255.0 notrust
>
># If you want to provide time to your local subnet, change the
>next line.
># (Again, the address is an example only.)
>broadcast 10.48.0.0
>#mask 255.255.0.0
># If you want to listen to time broadcasts on your local
>subnet, de-comment
>the
># next lines. Please do this only if you trust everybody on
>the network!
>#disable auth
>#broadcastclient
>---------------------------------------------------
>
>
>Are you have any idea why isn't works?
>
>
>Thanks, Robert
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list