Search Results

Search found 207 results on 9 pages for 'ntp'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 4/9 | < Previous Page | 1 2 3 4 5 6 7 8 9  | Next Page >

  • My linux server time and log files are not the same

    - by Martin
    Hi i have installed NTP on my linux server and i am getting my clock from a 6500 core switch, everything is working fine. When i ssh to a switch i have it all sent to a log file on the linux server, this log file does not time stamp with the same time as i have on the server. the date and hwclock are the same. But my my is exatly 6 hours behind my date on the server wich is CET. Has annyone have that same problem ? bedst regards Martin

    Read the article

  • "net time" returns system error 5, "Access is denied", even when run as administrator

    - by Andrew Grant
    I am trying to run net time on a Windows 7 box with an account that is part of the Administrators group. When I run the command net time from an elevated command prompt I get the following error: System error 5 has occurred. Access is denied. Why is this happening? I've looked at this Microsoft Knowledge Base article and have gone through the steps. Both the computer and the DC are connected to the same NTP server and I've verified they're synced I'm working on a local account so there should be no permissions issues There is no local firewall running

    Read the article

  • One Linux server has two timer

    - by garconcn
    The time on one of our Linux box is very weird. Whenever I call date 3 times, the 4th call will give a wrong time(usually 1 hour later). I have setup cron to sync with ntp server. We have 20+ similar servers, only this one has this problem. Any idea? Thanks. Linux 2.6.18-6-686 #1 SMP Thu Aug 20 21:56:59 UTC 2009 i686 GNU/Linux :~# date Fri Jun 11 17:00:51 PDT 2010 :~# date Fri Jun 11 17:00:52 PDT 2010 :~# date Fri Jun 11 17:00:53 PDT 2010 :~# date Fri Jun 11 18:14:12 PDT 2010 :~# date Fri Jun 11 17:00:55 PDT 2010 :~# date Fri Jun 11 17:00:56 PDT 2010 :~# date Fri Jun 11 17:00:56 PDT 2010 :~# date Fri Jun 11 18:14:15 PDT 2010 :~# date Fri Jun 11 17:00:58 PDT 2010 :~# date Fri Jun 11 17:00:58 PDT 2010 :~# date Fri Jun 11 17:00:59 PDT 2010 :~# date Fri Jun 11 18:14:18 PDT 2010 :~# date Fri Jun 11 17:01:01 PDT 2010 :~# date Fri Jun 11 17:01:01 PDT 2010 :~# date Fri Jun 11 17:01:02 PDT 2010 :~# date Fri Jun 11 18:14:21 PDT 2010 :~# date Fri Jun 11 17:01:03 PDT 2010 :~# date Fri Jun 11 17:01:04 PDT 2010 :~# date Fri Jun 11 17:01:05 PDT 2010

    Read the article

  • Xen HVM guest has severe clock drift

    - by ipartola
    I am seeing a very severe clock drift on my Xen HVM VPS, rented from a hosting provider, so I don't have access to the dom0 system. I continuously run ntpd, but the clock drifts by as much as 30 seconds in 5 minutes and NTP cannot keep up. Has anyone experienced this? Here are some details: $ dmesg | grep clock [ 0.160000] Measured 347 cycles TSC warp between CPUs, turning off TSC clock. [ 0.396000] * this clock source is slow. Consider trying other clock sources [ 0.550448] Switching to clocksource acpi_pm [ 0.653135] rtc_cmos 00:05: setting system clock to 2011-03-09 02:45:40 UTC (1299638740) $ cat /sys/devices/system/clocksource/clocksource0/available_clocksource acpi_pm $ cat /sys/devices/system/clocksource/clocksource0/current_clocksource acpi_pm

    Read the article

  • ntpdate -d Server dropped Strata too high

    - by AndyM
    I cannot sync with a NTP source thats coming from an internal router/firewall. Anyone help ? ntppdate -d 192.168.92.82 6 Jun 11:57:30 ntpdate[5011]: ntpdate [email protected] Tue Feb 24 06:32:26 EST 2004 (1) transmit(192.168.92.82) receive(192.168.92.82) transmit(192.168.92.82) receive(192.168.92.82) transmit(192.168.92.82) receive(192.168.92.82) transmit(192.168.92.82) receive(192.168.92.82) transmit(192.168.92.82) 192.168.92.82: Server dropped: strata too high server 192.168.92.82, port 123 stratum 16, precision -19, leap 11, trust 000 refid [73.78.73.84], delay 0.02591, dispersion 0.00002 transmitted 4, in filter 4 reference time: 00000000.00000000 Thu, Feb 7 2036 6:28:16.000 originate timestamp: d1972e03.0ae02645 Mon, Jun 6 2011 11:44:19.042 transmit timestamp: d197311b.0ffac1d2 Mon, Jun 6 2011 11:57:31.062 filter delay: 0.02609 0.02591 0.02594 0.02596 0.00000 0.00000 0.00000 0.00000 filter offset: -792.020 -792.020 -792.020 -792.020 0.000000 0.000000 0.000000 0.000000 delay 0.02591, dispersion 0.00002 offset -792.020152 6 Jun 11:57:31 ntpdate[5011]: no server suitable for synchronization found Edit The server I'm being asked to sync to is a firewall , and I've now been told that it is not syncing with anything. So I suppose I need to know if I can force my server to sync with a server that is stratum 16 i.e not sync'd. Is that possible ?

    Read the article

  • Determine the time difference between two linux servers

    - by Paul
    I am troubleshooting a latency network issue on a network. It is probably a nic or cabling issue, but while I was going through the process of figuring it out, I was looking at the timings of a ping packet leaving a network card and arriving at another server. Both linux. So I have tcpdump running on both, and I issue a ping from one to the other, and back again, and looking at the timing differences might have shed light on where the latency is coming from. It is an academic exercise now, as I need to eliminate some more fundamental causes, but I was curious as to how this could be achieved. Given that ntpd is installed and running on two servers, how can I confirm the current time discrepency between the two servers, to whatever level of accuracy is possible - given that we are talking about latency on a local lan, which is ideally a millisecond or so. NTP itself is accurate to a couple of ms under good conditions, and as both servers are in the same environment, they should (presumably) achieve a similar level of accuracy, and so should have a time discrepency between them of a only few ms - but how can I check this?

    Read the article

  • Time sync fails on Hyper-V VM, but succeeds when I log in as a domain user

    - by Richard Beier
    We have a Windows Server 2003 SP2 VM running on Hyper-V (Server 2008 R2 host). The VM has Hyper-V time synchronization enabled. I noticed that the time on the VM was fast by around 25 minutes. I saw the following in the event log: The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 15 minutes. NtpClient has no source of accurate time. The time provider NtpClient cannot reach or is currently receiving invalid time data from ourdc.ourdomain.local (ntp.d|192.168.2.18:123-192.168.2.2:123). Time Provider NtpClient: No valid response has been received from domain controller ourdc.ourdomain.local after 8 attempts to contact it. This domain controller will be discarded as a time source and NtpClient will attempt to discover a new domain controller from which to synchronize. I had been logged in as a local user. (We have an old app that runs on this VM - it requires a user to be logged in at all times, and we use a non-domain user account for this.) When I logged in as a domain user, the clock almost immediately corrected itself. Running "w32tm /monitor" and "net time" as the domain user showed no errors, and indicated that our domain controller was the time source. Does anyone know what might cause this, and why logging in under a domain account fixes the problem? I'm wondering if the time will start to drift again. Thanks for your help, Richard

    Read the article

  • Active Directory Time Synchronisation - Time-Service Event ID 50

    - by George
    I have an Active Directory domain with two DCs. The first DC in the forest/domain is Server 2012, the second is 2008 R2. The first DC holds the PDC Emulator role. I sporadically receive a warning from the Time-Service source, event ID 50: The time service detected a time difference of greater than %1 milliseconds for %2 seconds. The time difference might be caused by synchronization with low-accuracy time sources or by suboptimal network conditions. The time service is no longer synchronized and cannot provide the time to other clients or update the system clock. When a valid time stamp is received from a time service provider, the time service will correct itself. Time sync in the domain is configured with the second DC to synchronise using the /syncfromflags:DOMHIER flag. The first DC is configured to sync time using a /syncfromflags:MANUAL /reliable:YES, from a peerlist consisting of a number of UK based stratum 2 servers, such as ntp2d.mcc.ac.uk. I'm confused why I receive this event warning. It implies that my PDC emulator cannot synchronise time with a supposedly reliable external time source, and it quotes a time difference of 5 seconds for 900 seconds. It's worth also mentioning that I used to use a UK pool from ntp.org but I would receive the warning much more often. Since updating to a number of UK based academic time servers, it seems to be more reliable. Can someone with more experience shed some light on this - perhaps it is purely transient? Should I disregard the warning? Is my configuration sound? EDIT: I should add that the DCs are virtual, and installed on two separate VMware ESXi/vSphere physical hosts. I can also confirm that as per MDMarra's comment and best practice, VMware timesync is disabled, since: c:\Program Files\VMware\VMware Tools\VMwareToolboxCmd.exe timesync status returns Disabled. EDIT 2 Some strange new issue has cropped up. I've noticed a pattern. Originally, the event ID 50 warnings would occur at about 1230pm each day. This is interesting since our veeam backup happens at 12 midday. Since I made the changes discussed here, I now receive an event ID 51 instead of 50. The new warning says that: The time sample received from peer server.ac.uk differs from the local time by -40 seconds (Or approximately 40 seconds). This has happened two days in a row. Now I'm even more confused. Obviously the time never updates until I manually intervene. The issue seems to be related to virtualisation and veeam. Something may be occuring when veeam is backing up the PDCe. Any suggestions? UPDATE & SUMMARY msemack's excellent list of resources below (the accepted answer) provided enough information to correctly configure the time service in the domain. This should be the first port of call for any future people looking to verify their configuration. The final "40 second jump" issue I have resolved (there are no more warnings) through adjusting the VMware time sync settings as noted in the veeam knowledge base article here: http://www.veeam.com/kb1202 In any case, should any future reader use ESXi, veeam or not, the resources here are an excellent source of information on the time sync topic and msemack's answer is particularly invaluable.

    Read the article

  • Ntpd monitoring

    - by f4
    Is it possible to monitor an ntpd server running on windows using snmp ( or possibly something else ) I couldn't find any documentation on the subject. I'm interested in any information the server can provide, like current date / time, connection status... All I know about the ntp server for now is that it comes from here I would greatly appreciate if any of you have some experience to share on this.

    Read the article

  • Synchronizing time between two Windows 7 machines connected with a LAN cable

    - by Markus Roth
    I have a number laptops that run our application while connected to each other in pairs with an ethernet cable, but not connected to any external network or the internet. T I need the connected pair to synchronize their system times, but since every computer needs to be able to synch with any other computer, I can't define one computer to be a time-server and the other to be a client. Is there a way to do this with NTP? Or some other way?

    Read the article

  • iptables to play nice with tor and ntpd

    - by directedition
    I'm setting up a server to operate as a tor relay and nothing else. I setup iptables to only allow talk on port 9001 and it worked fine, but there was an issue, the clock needs to be properly set and maintained for the relay to work properly, so I needed ntpd setup and running, but for some reason I can't get iptables to work as I want it. I'm trying to have it allow only tor and ntpd to talk over the network, but when I set it up to allow port 123 using udp, suddenly it ignores my -A OUTPUT ! -s 127.0.0.1 -j DROP and allows everything through. How should I go about this? Please excuse my ignorance, I've brand new to iptables.

    Read the article

  • Best practice for system clock sync on KVM host

    - by Tauren
    I have an Ubuntu 9.10 server running as a KVM host with ntpd installed on it. The host system has the correct system time. At the moment I only have a single KVM guest, also Ubuntu 9.10 server. I do not have ntpd installed on it, and I just discovered the clock is about 6 minutes slow. It wasn't that way when it was installed about a month ago. I thought that I only needed to keep the host clock synchronized and that the guests used the host clock. But maybe that is a memory from using OpenVZ. I believe the reasoning was related to only the host could modify the physical system clock. Is running ntpd on both the host and all the guests the correct thing to do? Or is there something else that is preferred? How should I keep the guest clocks in sync?

    Read the article

  • Crazy VM clock drift

    - by SimonJGreen
    This is taken from an Ubuntu 10.10 VM running on ESX5: Nov 3 21:58:50 server1 ntpd[21169]: adjusting local clock by 31.187370s Nov 3 22:02:36 server1 ntpd[21169]: adjusting local clock by 31.159808s Nov 3 22:05:18 server1 ntpd[21169]: adjusting local clock by 31.067579s Nov 3 22:07:59 server1 ntpd[21169]: adjusting local clock by 30.952187s Nov 3 22:11:38 server1 ntpd[21169]: adjusting local clock by 30.890147s According to the VMWare KB no kernel tweaks should be needed for Ubuntu 10.10 to maintain time to their standards. What's especially odd is the drift seems fairly consistent. Any help appreciated on this one!

    Read the article

  • Anyone else experiencing high rates of linux server crashes today?

    - by Bron Gondwana
    Just today, Sat June 30th - starting soon after the start of the day GMT. We've had a handful of blades in different datacentres as managed by different teams all go dark - not responding to pings, screen blank. They're all running Debian Squeeze - with everything from stock kernel to custom 3.2.21 builds. Most are Dell M610 blades, but I've also just lost a Dell R510 and other departments have lost machines from other vendors too. There was also an older IBM x3550 which crashed and which I thought might be unrelated, but now I'm wondering. The one crash which I did get a screen dump from said: [3161000.864001] BUG: spinlock lockup on CPU#1, ntpd/3358 [3161000.864001] lock: ffff88083fc0d740, .magic: dead4ead, .owner: imapd/24737, .owner_cpu: 0 Unfortunately the blades all supposedly had kdump configured, but they died so hard that kdump didn't trigger - and they had console blanking turned on. I've disabled console blanking now, so fingers crossed I'll have more information after the next crash. Just want to know if it's a common thread or "just us". It's really odd that they're different units in different datacentres bought at different times and run by different admins (I run the FastMail.FM ones)... and now even different vendor hardware. Most of the machines which crashed had been up for weeks/months and were running 3.1 or 3.2 series kernels. The most recent crash was a machine which had only been up about 6 hours running 3.2.21.

    Read the article

  • What happens when router has been set to incorrect time?

    - by iamrohitbanga
    I have a D-Link router for my home Wi-Fi network. Everyday at least once the internet suddenly goes down. I am simply not able to connect to the Wi-Fi network. If I just restart the router, it starts working. To debug the issue I logged into the admin panel and noticed the time was set to something in 2002. I have set it to the correct time. Will wait to see if that fixes the problem. In the meanwhile I want to know what can go bad when the router has been set to show an incorrect time? What are the kinds of problems expected? My Wi-Fi was working just fine most of the time, but sometimes it lost the connection. Could this be linked to the incorrect time setting?

    Read the article

  • Gentoo server time issue, can't manually set time, NTPD won't correct, too big of a time difference

    - by kevingreen
    So, my server is living in the future, unfortunately I can't get lottery numbers, or stock picks out of it. It thinks this is the time: Thu Nov 7 04:07:18 EST 2013 Not correct, I tried to set the time manually via date in a few ways # date -s "06 NOV 2013 14:48:00" # date 110614482013 -- same output, same problem Which outputs Wed Nov 6 14:48:00 EST 2013, but when I check the date again, it's still set to Nov 7th 0400 or whatever. I checked my system messages, and I see this pop up often: Nov 7 03:54:00 www ntpd[4482]: time correction of -47927 seconds exceeds sanity limit (1000); set clock manually to the correct UTC time. Which makes sense, we're way off the correct time. But I can't seem to manually fix it. So now what? Also, I'm wondering if my hardware clock is setup correct, hwclock doesn't return any values. Would that be causing issues? This is a virtualized server, I don't have direct access to the hypervisor, but I can talk to who does, assume I can explain myself well enough. Thanks

    Read the article

  • Can time skew on Windows be reduced to +/- 5ms?

    - by mbac32768
    A number of our Windows workstations, running ntpd, simply cannot keep time. Our Linux workstations and servers running the same ntpd config don't have this problem, they can stay within +/- 5ms of skew. The Windows hosts easily drift to seconds and sometimes minutes apart. This is a problem for us. The only common factor we have been able to isolate is that the hosts that can't keep time are running Windows. Is there something fundamentally impossible with what we're trying to do?

    Read the article

  • What is a realistic average time difference between servers in the same LAN?

    - by monster
    Until recently, we had at work a small cluster of about 20 small Windows servers (which have now all been virtualized). They were all configured to synchronize with the local time server. It was on an 1Gb sub-network in our own DC. I never got them to be less than about 100ms away from each other, which I consider to be an incredibly big difference. Is that a normal value? What is a realistic expectation of time difference between machines running on a 1Gb network, and all connected to the same time server, and updating frequently, say every 5 minutes? I would like to know this as setting timeouts and other parameters in a distributed application requires to take that difference into consideration.

    Read the article

  • Malicious content on server - next steps advice [closed]

    - by Under435
    Possible Duplicate: My server's been hacked EMERGENCY I just got an e-mail from my hosting company that they got a report of malicious content being hosted on my vps. I was unaware of this and started looking into it. I discovered a file called /var/www/mysite.com/osc.htm. Soon after I discovered some weird php files wp-includes.php and ndlist.php both recognized as being PHP/WebShell.A.1 virus. I removed all these files but I'm unsure of what to do next. Can anyone help me analyze the output below of sudo netstat -A inet -p -e and give advice on what's best to do next. Thanks very much in advance Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name tcp 0 0 localhost.localdo:mysql localhost.localdo:37495 TIME_WAIT root 0 - tcp 0 1 mysite.com:50524 xnacreators.net:smtp SYN_SENT Debian-exim 69746 25848/exim4 tcp 0 0 mysite.com:www tha165.thehealtha:37065 TIME_WAIT root 0 - tcp 0 0 localhost.localdo:37494 localhost.localdo:mysql TIME_WAIT root 0 - udp 0 0 mysite.com:59447 merlin.ensma.fr:ntp ESTABLISHED ntpd 3769 2522/ntpd udp 0 0 mysite.com:36432 beast.syus.org:ntp ESTABLISHED ntpd 4357 2523/ntpd udp 0 0 mysite.com:48212 formularfetischiste:ntp ESTABLISHED ntpd 3768 2522/ntpd udp 0 0 mysite.com:46690 formularfetischiste:ntp ESTABLISHED ntpd 4354 2523/ntpd udp 0 0 mysite.com:35009 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 4356 2523/ntpd udp 0 0 mysite.com:58702 stratum-2-core-a.qu:ntp ESTABLISHED ntpd 3770 2522/ntpd udp 0 0 mysite.com:49583 merlin.ensma.fr:ntp ESTABLISHED ntpd 4355 2523/ntpd udp 0 0 mysite.com:56290 beast.syus.org:ntp ESTABLISHED ntpd 3771 2522/ntpd

    Read the article

  • Why is the superblock last mount time in the future?

    - by user69541
    Future time: Since installing Ubuntu 12.04, I regularly have to fun fsck and reset my clock because it shows a 'future time' : Err.Msg. "superblock last mount time is in the future by less than a day, probably due to hardware clock being incorrectly set." FIXED. According to what I have read, it looks like I'm in the right place to get an answer. Following are my feeble attempts to rectify this annoyance: mjh@mjh-desktop:~$ sudo service ntp start [sudo] password for mjh: ntp: unrecognized service mjh@mjh-desktop:~$ mjh@mjh-desktop:~$ sudo apt-get install update Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package update mjh@mjh-desktop:~$ sudo service ntp start ntp: unrecognized service mjh@mjh-desktop:~$ Suggestions? Matthew

    Read the article

  • My Mac OS X 10.5 netstat reveals a lot of open UDP connections.

    - by bboyreason
    here are my netstat results (besides server-less connections): Active Internet connections Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 192.168.1.98.49224 r1.ycpi.vip.sp2..http ESTABLISHED tcp4 0 0 192.168.1.98.49223 r1.ycpi.vip.sp2..http ESTABLISHED tcp4 0 0 192.168.1.98.49203 lax04s01-in-f189.https ESTABLISHED tcp4 0 0 192.168.1.98.49201 lax04s01-in-f19..https ESTABLISHED tcp4 0 0 192.168.1.98.49198 lax04s01-in-f19..http ESTABLISHED tcp4 0 0 192.168.1.98.49196 lax04s01-in-f19..https ESTABLISHED tcp4 0 0 192.168.1.98.49194 lax04s01-in-f19..https ESTABLISHED tcp4 0 0 192.168.1.98.49192 lax04s01-in-f19..https ESTABLISHED tcp4 0 0 192.168.1.98.49183 r1.ycpi.vip.sp2..http ESTABLISHED tcp4 0 37 192.168.1.98.49179 l1.login.vip.sp1.https CLOSING tcp4 0 0 192.168.1.98.49175 lax04s01-in-f104.https ESTABLISHED tcp4 0 37 192.168.1.98.49167 l1.login.vip.sp1.https LAST_ACK tcp4 0 0 192.168.1.98.49164 lax04s01-in-f19..https ESTABLISHED tcp4 0 0 192.168.1.98.49174 69.31.112.122.http TIME_WAIT tcp4 0 0 192.168.1.98.49173 69.31.113.83.http TIME_WAIT udp4 0 0 *.ipp **.* udp4 0 0 192.168.1.98.ntp **.* udp4 0 0 *.49628 **.* udp4 0 0 *.51997 **.* udp4 0 0 *.64675 **.* udp4 0 0 *.61947 **.* udp4 0 0 *.65152 **.* udp4 0 0 *.55643 **.* udp4 0 0 *.51704 **.* udp4 0 0 *.59757 **.* udp4 0 0 *.53643 **.* udp4 0 0 *.65346 **.* udp4 0 0 *.61960 **.* udp4 0 0 **.* **.* udp6 0 0 localhost.ntp **.* udp4 0 0 practivate.adobe.ntp **.* udp6 0 0 localhost.ntp **.* udp6 0 0 *.ntp **.* udp4 0 0 *.ntp **.* udp6 0 0 *.mdns **.* udp4 0 0 *.mdns **.** udp4 0 0 *.** **.** udp4 0 0 *.** **.** omitted a few asterisks, basically all the empty spots are asterisks what is up with all the UDP connections listening on any port? is that what this means? the internet activity that should be going in is that i connected via wpa to wifi at a small restaurant visited a few pages, checking mail from a few different accounts, no new mail or downloads where done. ?

    Read the article

  • Config Time Service on Server 2008 DC using Group Policy Only

    - by Ed Fries
    I want to configure the Time Service using only GP in a Server 2008 R2 domain. I have created a GP as follows: Computer Config, Policies, Administrative Templates, System, Windows Time Policy: =Global Configuration Settings -Enabled w/ default settings. Computer Config, Policies, Administrative Templates, System, Windows Time Policy,Time Providers: =Configure Windows NTP Client -Enabled w/ default settings. =Enable Windows NTP Client -Enabled w/ default settings. =Enable Windows NTP Server -Enabled w/ default settings. The policy is linked, enforced and applied to Domain Controllers OU. The GP modeling results shows the policy is in effect on the DC (Single DC domain) and the DC is recognized as the PDC emulator. I have run gpupdate /force and logged off/on. The issue is that the DC shows the time source as internal. I understand I can force this at the cmd line using w32tm to set the peer but I would like to understand what is missing in the GP. The default NTP Client GP setting includes time.windows.com,0x9 as the source but it does not appear to be taking effect.

    Read the article

  • Active directory authentication for Ubuntu Linux login and cifs mounting home directories...

    - by Jamie
    I've configured my Ubuntu 10.04 Server LTS Beta 2 residing on a windows network to authenticate logins using active directory, then mount a windows share to serve as there home directory. Here is what I did starting from the initial installation of Ubuntu. Download and install Ubuntu Server 10.04 LTS Beta 2 Get updates # sudo apt-get update && sudo apt-get upgrade Install an SSH server (sshd) # sudo apt-get install openssh-server Some would argue that you should "lock sshd down" by disabling root logins. I figure if your smart enough to hack an ssh session for a root password, you're probably not going to be thwarted by the addition of PermitRootLogin no in the /etc/ssh/sshd_config file. If your paranoid or not simply not convinced then edit the file or give the following a spin: # (grep PermitRootLogin /etc/ssh/sshd_conifg && sudo sed -ri 's/PermitRootLogin ).+/\1no/' /etc/ssh/sshd_conifg) || echo "PermitRootLogin not found. Add it manually." Install required packages # sudo apt-get install winbind samba smbfs smbclient ntp krb5-user Do some basic networking housecleaning in preparation for the specific package configurations to come. Determine your windows domain name, DNS server name, and IP address for the active directory server (for samba). For conveniance I set environment variables for the windows domain and DNS server. For me it was (my AD IP address was 192.168.20.11): # WINDOMAIN=mydomain.local && WINDNS=srv1.$WINDOMAIN If you want to figure out what your domain and DNS server is (I was contractor and didn't know the network) check out this helpful reference. The authentication and file sharing processes for the Windows and Linux boxes need to have their clocks agree. Do this with an NTP service, and on the server version of Ubuntu the NTP service comes installed and preconfigured. The network I was joining had the DNS server serving up the NTP service too. # sudo sed -ri "s/^(server[ \t]).+/\1$WINDNS/" /etc/ntp.conf Restart the NTP daemon # sudo /etc/init.d/ntp restart We need to christen the Linux box on the new network, this is done by editing the host file (replace the DNS of with the FQDN of the windows DNS): # sudo sed -ri "s/^(127\.0\.0\.1[ \t]).*/\1$(hostname).$WINDOMAIN localhost $(hostname)/" /etc/hosts Kerberos configuration. The instructions that follow here aren't to be taken literally: the values for MYDOMAIN.LOCAL and srv1.mydomain.local need to be replaced with what's appropriate for your network when you edit the files. Edit the (previously installed above) /etc/krb5.conf file. Find the [libdefaults] section and change (or add) the key value pair (and it is in UPPERCASE WHERE IT NEEDS TO BE): [libdefaults] default_realm = MYDOMAIN.LOCAL Add the following to the [realms] section of the file: MYDOMAIN.LOCAL = { kdc = srv1.mydomain.local admin_server = srv1.mydomain.local default_domain = MYDOMAIN.LOCAL } Add the following to the [domain_realm] section of the file: .mydomain.local = MYDOMAIN.LOCAL mydomain.local = MYDOMAIN.LOCAL Conmfigure samba. When it's all said done, I don't know where SAMBA fits in ... I used cifs to mount the windows shares ... regardless, my system works and this is how I did it. Replace /etc/samba/smb.conf (remember I was working from a clean distro of Ubuntu, so I wasn't worried about breaking anything): [global] security = ads realm = MYDOMAIN.LOCAL password server = 192.168.20.11 workgroup = MYDOMAIN idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash client use spnego = yes client ntlmv2 auth = yes encrypt passwords = yes winbind use default domain = yes restrict anonymous = 2 Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start Setup the authentication. Edit the /etc/nsswitch.conf. Here are the contents of mine: passwd: compat winbind group: compat winbind shadow: compat winbind hosts: files dns networks: files protocols: db files services: db files ethers: db files rpc: db files Start and stop various services. # sudo /etc/init.d/winbind stop # sudo service smbd restart # sudo /etc/init.d/winbind start At this point I could login, home directories didn't exist, but I could login. Later I'll come back and add how I got the cifs automounting to work. Numerous resources were considered so I could figure this out. Here is a short list (a number of these links point to mine own questions on the topic): Samba Kerberos Active Directory WinBind Mounting Linux user home directories on CIFS server Authenticating OpenBSD against Active Directory How to use Active Directory to authenticate linux users Mounting windows shares with Active Directory permissions Using Active Directory authentication with Samba on Ubuntu 9.10 server 64bit How practical is to authenticate a Linux server against AD? Auto-mounting a windows share on Linux AD login

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9  | Next Page >