[Samba] Time synchronization problem. Chrony, ntp
spindles seven
spindles7 at gmail.com
Mon Jan 20 20:52:43 UTC 2025
On 20 January 2025 19:31 Luis Peromarta wrote:
>
> My tests:
>
> -Boot a backed up “new” VM with chrony 4.3 and samba 4.19 installed, joined a new
> Win 10 machine, time syncs OK with Type: NT5DS.
> -Updated DC samba to 4.21.3 without removing the Windows machine from domain.
> Time syncs OK with NT5DS.
> -Leave domain, try to w32tm /monitor -> error can’t reach DCs (expected)
> -Join domain again: time syncs OK with NT5DS.
>
> I can’t reproduce.
OK, so I test again - see below.
>
> >
> > I tested an old version of a bookworm dc with Samba version 4.17.5 and a
> Windows 10 Pro version 1903
> > The dc is running chrony version 4.3-1+b1. The Windows machine has no
> amendments to its time settings, no GPO no registry settings, so when it was joined
> to the domain the Type is NT5DS when w32tm /query /configuration command is
> run. Ie it's out of the box. With this setup the time synchronisation works OK, with the
> w32tm /query /status giving successful result and citing the dc as its source.
> >
> > I then removed the Windows machine from that domain and joined it to a domain
> where its dc is running Samba version 4.21.3 and Chrony 4.3-2. Made no changes to
> the time settings and the w32tm /query /configuration command indicated that the
> Type is still NT5DS but the status shows the source as Local CMOS clock and the
> last successful sync is unspecified.
> >
> > This seems to confirm that something has changed between Samba 4.17.x and
> 4.21.
> >
> > As others have stated, to get it to work with current versions of samba, the Type
> has to be set to NTP and to specify a DC as source on Windows machines.
> >
> > HTH,
> >
> > Roy
> >
Further investigation, I found that chrony did not have read access to the ntp_signd folder in /var/lib/samba in the dc running samba 4.21.3. Fixing that and retesting shows that samba 4.21.3 also works OK out of the box.
Sorry for the noise!
Roy
More information about the samba
mailing list