search

0x21-consulting / ElderberryPi

A secure-by-default, self-healing, small business server for the RaspberryPi
4 stars 1 forks source link

Ensure samba can proxy ntp requests from windows clients to ntpd #3

Closed micchickenburger closed 4 years ago

micchickenburger commented 4 years ago

https://wiki.samba.org/index.php/Time_Synchronisation

nptd as a role already exists and appears to function; however, windows clients use NT5DS to sync time which uses digital signatures. This requires particular configuration both in ntpd and samba.

micchickenburger commented 4 years ago

Resolved in commit 9c2e026.

Can verify with

C:\> w32tm /resync /rediscover
Sending resync command to local computer...
The command completed successfully.

C:\> w32tm /query /status
Leap Indicator: 0(no warning)
Stratum: 3 (secondary reference - syncd by (S)NTP)
Precision: -23 (119.209ns per tick)
Root Delay: 0.0281429s
Root Dispersion: 8.1596032s
ReferenceId: 0xC0A80202 (source IP:  192.168.2.2)
Last Successful Sync Time: 4/8/2020 6:24:59 AM
Source: blueberrypi.test.0x21.consulting
Poll Interval: 10 (1024s)