I'm still here :) Regarding:
" If you are running Windows Server 2003, it *may* not allow non-domain members to sync with it out of the box. " NTP is not a secure protocol. You can sync non-domain joined severs with a DC. SNTP and NTP are exactly the same network packet. The only difference is how the packets are processed. So you can sync a NTP client against SNTP and vice versus. Additionally the Windows OS version won't matter here (well, at least 2000 vs 2003 vs XP). Getting a Unix NTP client syncing with a 2000 forest should work just fine. You may have to turn off any add-on NTP security on the Unix client. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark Sent: Thursday, February 17, 2005 2:10 PM To: Michael Wallendahl; [email protected] Subject: RE: [ActiveDir] W32Time and *nix Sheesh, now someone with Win2K that does work!! :-) My domain is Win2000 also Mike. Now I'm just confused again. W32Time wizard Nathan - are you still monitoring this list? <mc> -----Original Message----- From: Michael Wallendahl [mailto:[EMAIL PROTECTED] Sent: Thursday, February 17, 2005 5:02 PM To: Creamer, Mark Subject: Re: [ActiveDir] W32Time and *nix Hi Mark: What version of Windows Server are you running? I have a Windows 2000 AD at work. I successfully synchronize several non-windows devices against my DC's without a problem. You can synchronize against any DC in your network (no need to specifiy a particular DC). A neat trick is to just sync against your AD domain name as that name resolves to a list of all of your DC's. That way if you ever change a DC's name you won't have to reconfigure all your timesync configs. My FreeBSD 5.3 server synchronizes against my DC just fine. The configuration file /etc/ntp.conf has the following two lines in it: server domain.com driftfile /var/db/ntp.drift My Windows 98 machines sync using a freeware utility called "Automachron". If you are running Windows Server 2003, it *may* not allow non-domain members to sync with it out of the box. I can't find anything on google right now. I just tested against my test 2003 server at home and it did allow a non-domain member to sync with it but I don't know if I've changed anything on it since building it. Best bet would be to try and run Automachron on your own workstation against a DC and see if it reports any errors that you can google on. Do you have a firewall or router between you and your DC's that is filtering NTP ports? Good luck! Let me know what you find out! -Mike Creamer, Mark wrote: >Folks, I'd like to throw this back out for comments if I can. A while back I asked about using our >current W32Time server, the forest root AD box, as the authoritative time server for the non-Windows >clients on our network. I haven't had any luck getting this to work. If I remember correctly, W32Time >is a derivation of the NTP protocol, (is it SNTP maybe??). Anyway, nothing I've tried enables the >Linux and Unix boxes to sync with this server. One article I read said it will not work, but you >obviously can't rely on everything posted on the net :-) > >Am I missing something, or do I need to maybe look at a 3rd party solution to handle all of the time >services? What are some of you using for this situation? Thanks! > >Mark Creamer > > > This e-mail transmission contains information that is intended to be confidential and privileged. If you receive this e-mail and you are not a named addressee you are hereby notified that you are not authorized to read, print, retain, copy or disseminate this communication without the consent of the sender and that doing so is prohibited and may be unlawful. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please delete and otherwise erase it and any attachments from your computer system. Your assistance in correcting this error is appreciated. Thank you. Cintas Corporation. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
