we do have a big problem with logging in at our clients and also using the roaming profiles. It is possible to login at windows with local profils, but not in Linux clients. So what we found out, that the NTP is on a different IP then the DC- so if the time of the server (DC) and the clients are not perfectly synchronized you get espacially with Linux troubles with logging in- any solutions? We would appreciate some hints.
for windows client that can be solved by “net time \MY_PDC /set /yes” in the netlogon.bat
But if that´s all true I suppose that is a bug!? because DC always has to send time information to the clients!
Have you tried to set the DC IP as NTP server for the clients?
No- that´s not possible because usually NTP settings are deactivated on clients, when they become member of a a domain- and the time synchronization is pointed on the DC automatically. But in NS7 it looks like, that the NTP Server is only projecting to the other IP address of the server and not to the one of the DC.
Effectively nmap on DC IP does not show an NTP service available:
# nmap -sU -p 123 192.168.122.77 Starting Nmap 7.40 ( https://nmap.org ) at 2017-01-11 12:32 CET Nmap scan report for 192.168.122.77 Host is up (0.00016s latency). PORT STATE SERVICE 123/udp closed ntp
If clients expect an NTP server running on a DC, we should add it!
The bug was fixed here
A post was split to a new topic: Cannot synchronize with DC NTP