[Samba] help with chrony time synchronisation
James Browning
jamesb192 at jamesb192.com
Thu Nov 6 16:46:08 UTC 2025
Steven Monai via samba <samba at lists.samba.org> wrote:
> In summary, both chrony and ntpsec can provide MS-SNTP service to
> Windows domain clients of Samba AD, provided that the domain function
> level is 2008_R2. Newer domain function levels seem to prevent MS-SNTP
> working. Perhaps this is by design? Or a bug? I don't know.
There is a 'better' MS-SNTP available. I do not think Chrony classic NTP, or NTPsec support it.
I had a dang wall of text that I didn't care about with a few diagrams and snippets I slightly did.
Whoever is/was in charge of the document did not document the changes to the document itself.
Adding support downstream for the new signing scheme isn't feasible unless it is supported in Samba and documented.
Feel free to ignore me. I'm just a bitter asshole.
https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-sntp/8106cb73-ab3a-4542-8bc8-784dd32031cc
More information about the samba
mailing list