[Samba] Joining Windows 10 Domain Member to Samba AD/DC

Rowland Penny rpenny at samba.org
Sat Jan 6 18:24:36 UTC 2024


On Sat, 06 Jan 2024 13:06:48 -0500
Mark Foley via samba <samba at lists.samba.org> wrote:

> On Sat Jan  6 03:34:43 2024 Rowland Penny via samba
> <samba at lists.samba.org> wrote:
> >
> > On Fri, 5 Jan 2024 23:53:52 +0000
> > Luis Peromarta via samba <samba at lists.samba.org> wrote:
> >
> > > You think ntp works with samba but it doesn’t.
> >
> > Sorry, but 'ntp' does work, it is the rewrite for more security
> > 'ntpsec' that doesn't seem to work.
> >
> > > 
> > > You *must* use chrony. It will take you exactly 5 minutes to get
> > > it up and running. 
> >
> > Chrony does seem to work, I just hope they do not follow ntpsec down
> > the same path.
> >
> > The other thing that you have to know, Mark Foley is using
> > Slackware,
> >
> > Rowland
> 
> In this case, I think Slackware is not a factor. For one thing, I
> downloaded the ntp 4.2.8p17 source and built it using
> --enable-ntp-signd; not the as-shipped Slackware version.
> 

I was trying to point out that your version of 'ntp' might be okay
because it came from Slackware (which seemingly it doesn't). The
problem with 'ntp' became apparent on Debian 12, where the 'ntp'
package was replaced by the 'ntpsec' package, where 'ntpsec' appears to
be a rewrite of 'ntp' to provide more security. The only problem is
that the connection between Samba and ntp was secure and 'ntpsec' seems
to have broken this and cannot seem to fix it (my understanding, which
may be wrong, is that they haven't a clue how it worked between 'ntp'
and 'Samba', so they do not really know what, if anything, they
removed.).

My understanding is that if you are using 'ntp' (and not ntpsec), then
it should still work.

Rowland



More information about the samba mailing list