----- Original Message ----- > From: "Robert Gurdon" <sandbox...@gmail.com> > To: "Andrew Martin" <amar...@xes-inc.com> > Sent: Saturday, July 27, 2013 7:02:51 AM > Subject: Re: [Samba] Correct NTP Settings for Samba 4.0.6? > > Yo, > > Could you attach your ntp log when you start/restart it? > > Robert > > > 2013-07-27 08:26 keltezéssel, Andrew Martin írta: > > Hello, > > > > I recently compiled Samba 4.0.6 (as an AD DC) and am running it on > > Ubuntu 12.04. > > I followed the instructions on the Samba wiki > > (https://wiki.samba.org/index.php/Configure_NTP) > > for how to configure ntp, however the domain clients are rejecting > > the DCs as > > being acceptable time sources. Below is my ntp.conf: > > > > server 127.127.1.0 > > fudge 127.127.1.0 stratum 10 > > server 0.pool.ntp.org iburst prefer > > server 1.pool.ntp.org iburst prefer > > driftfile /var/lib/ntp/ntp.drift > > logfile /var/log/ntp > > ntpsigndsocket /var/run/samba/ntp_signd > > restrict default kod nomodify notrap nopeer mssntp > > restrict 127.0.0.1 > > restrict 0.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer > > noquery > > restrict 1.pool.ntp.org mask 255.255.255.255 nomodify notrap nopeer > > noquery > > > > Using Ubuntu, I am not using SELinux. I do not believe there to be > > any problems > > with apparmor, as it contains these lines in > > /etc/apparmor.d/usr.sbin.ntpd: > > # samba4 ntp signing socket > > /{,var/}run/samba/ntp_signd/socket rw, > > > > What is the correct procedure for configuring NTP for a Samba4 AD > > DC? > > > > Thanks, > > > > Andrew > > -- > Kind regards: > > Robert > > > Robert,
Sure, thanks for the help. Here are log messages when I restart ntpd: Jul 27 09:14:02 dc1 ntpd[30565]: ntpd exiting on signal 15 Jul 27 09:14:04 dc1 ntpd[5957]: ntpd 4.2.6p3@1.2290-o Tue Jun 5 20:12:08 UTC 2012 (1) Jul 27 09:14:04 dc1 ntpd[5958]: proto: precision = 0.345 usec Jul 27 09:14:04 dc1 ntpd[5958]: ntp_io: estimated max descriptors: 1024, initial socket boundary: 16 Jul 27 09:14:04 dc1 ntpd[5958]: Listen and drop on 0 v4wildcard 0.0.0.0 UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: Listen and drop on 1 v6wildcard :: UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: Listen normally on 2 lo 127.0.0.1 UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: Listen normally on 3 eth0 192.168.0.102 UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: Listen normally on 4 eth0 192.168.0.221 UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: Listen normally on 5 eth0 fe80::5054:ff:fece:1e3b UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: Listen normally on 6 lo ::1 UDP 123 Jul 27 09:14:04 dc1 ntpd[5958]: peers refreshed Jul 27 09:14:04 dc1 ntpd[5958]: Listening on routing socket on fd #23 for interface updates Jul 27 09:14:04 dc1 ntpd[5958]: MS-SNTP signd operations currently block ntpd degrading service to all clients. The ntp_signd directory is empty: root@dc1:/# ls -l /var/run/samba/ntp_signd total 0 root@dc1:/# ls -l /var/run/samba/ | grep ntp drwxr-x--- 2 ntp ntp 40 Jul 8 16:40 ntp_signd Thanks, Andrew -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba