I have freshly setup a nethserver as pdc and also run into this problem from time to time. Is there a permanent solution for this? Can I change something somewhere in configuration, or do I have to resolve this by a gpo on my windows 10 clients? Or by a logon script?
Problem can be solved by starting command prompt as administrator and running net time \dc_hostname /set /yes and re-logon. Or could it be suricata? I am asking, because I activated all categories and edited all to block instead of alarm. That way, I created a problem with filebrowsing on my shares, even a rightclick on a file on a share made windows freeze and it took a minute to the context menu to display. I found out, that the suricata module Policy was the blocking one. I will observe if the timing problem is solved too with deactivated Policy module, and if not, report back.
Edit to add, that until now, I encountered no problems anymore. But reading the docs, I am afraid, I could have enabled too much, as apart from mentioned policy rule, all rules are activated and I read that I some could block updates. Having additionally setup Pi-Hole on a vm too, with a bunch of blocklists, I will observe if in the next some weeks, there are updates for nethserver but also for my windows 10 client, and disable if necessary some of the rules. I would appreciate if someone could point on rules that should not be activated apart from the poliy rule anyway.