SOLVED linux ntp client to Windows domain controller

[Brazen]

Here is what I get:

[root@VMWare1 root]# ntpdate -u 192.168.3.3
25 Aug 11:48:01 ntpdate[25160]: sendto(192.168.3.3): Operation not permitted
25 Aug 11:48:02 ntpdate[25160]: sendto(192.168.3.3): Operation not permitted
25 Aug 11:48:03 ntpdate[25160]: sendto(192.168.3.3): Operation not permitted
25 Aug 11:48:04 ntpdate[25160]: sendto(192.168.3.3): Operation not permitted
25 Aug 11:48:05 ntpdate[25160]: no server suitable for synchronization found
[root@VMWare1 root]# rpm -qa | grep ntp
ntp-4.1.2-4.EL3.1

Windows workstations work fine, so I don't have a clue why this doesn't work. Does anyone know of any issues of syncing from linux to a Windows time server (Windows 2000 domain controller).

 

[cleverhandle]

That looks like a network error message to me, not an application one. Any firewalls or anything else like that going on?

 

[nweaver]

agreed, it looks like iptables may be blocking that port/IP?

clear the tables (iptables -F usually works) and try again.

 

[Brazen]

here is some info:


That top line that says "ACCEPT all -- anywhere anywhere" doesn't that mean everything will be accepted?!

 

[Brazen]

ok, I found documentation specifically for ESX Server 3.0 (which this is) for usint ntp and it said to run this command open up the necessary security: "esxcfg-firewall --enableService ntpClient" and it works now.

 

[cleverhandle]

Actually, now that I'm realizing it's VMWare, do you really want to be using NTP at all? Maybe ESX is different, but for the freebie version it recommends using the time sync functionality from VMWare tools rather than using a regular timekeeping program.

 

[n0cmonkey]

Originally posted by: cleverhandle
Actually, now that I'm realizing it's VMWare, do you really want to be using NTP at all? Maybe ESX is different, but for the freebie version it recommends using the time sync functionality from VMWare tools rather than using a regular timekeeping program.

ntpd (x or open ) better emulates real world environments...

 

[Brazen]

Originally posted by: cleverhandle
Actually, now that I'm realizing it's VMWare, do you really want to be using NTP at all? Maybe ESX is different, but for the freebie version it recommends using the time sync functionality from VMWare tools rather than using a regular timekeeping program.

The VMWare tools time sync is for within the guest virtual machines. I'm setting up ntp on the ESX Server itself (the server that hosts the virtual machines, get it?). For the host, whether it is ESX Server or the freebie server running on linux, your only option is to use ntp to keep the time synced.

However, within the guest OS's, yes you will want to use the VMWare tools to keep your clock synce to the host's clock, IF POSSIBLE. I say "if possible" because I can not find a way to configure the VMWare tools time sync on a linux guest without an X-server (which i use CLI-only). In that case, I use ntp, but I sync it to 127.127.1.0 which causes ntp to sync the software clock with the hardware clock; the hardware clock in this case would actually be the host's software clock. Am I making sense here?

edit: oops, I didn't mean to discredit n0c's "real world performance" comment. Yeah, normally I would say use vmware tools if you can, but as n0c said there may be reason to want to configure ntp in a guest OS due to it being more like the "real world."

edit: ok maybe discredit was a bad word for it. I meant, after rereading my post, I was afraid it sounded like _I_ didn't consider that a valid reason, but I do. nevermind.

 

[n0cmonkey]

Originally posted by: Brazen
edit: oops, I didn't mean to discredit n0c's "real world performance" comment. Yeah, normally I would say use vmware tools if you can, but as n0c said there may be reason to want to configure ntp in a guest OS due to it being more like the "real world."

I didn't think your comment "discreditted" mine at all. There are plenty of reasons for doing things any number of ways.

 

[cleverhandle]

Originally posted by: Brazen
The VMWare tools time sync is for within the guest virtual machines. I'm setting up ntp on the ESX Server itself (the server that hosts the virtual machines, get it?). For the host, whether it is ESX Server or the freebie server running on linux, your only option is to use ntp to keep the time synced.

Sorry, I didn't notice you were talking about the host and not a guest. Then you will use ntp, obviously.

However, within the guest OS's, yes you will want to use the VMWare tools to keep your clock synce to the host's clock, IF POSSIBLE. I say "if possible" because I can not find a way to configure the VMWare tools time sync on a linux guest without an X-server (which i use CLI-only).

But I haven't had any problem with that part. I have text-only VM's that sync just fine. Just make sure that the guest daemon is running and that you have the line tools.syncTime = "true" in your vmx file. No special configuration of the guestd is necessary apart from just making sure it's running.

Originally posted by: n0cmonkey
ntpd (x or open ) better emulates real world environments...

From what I've read, which I admittedly don't really understand (stuff about timer interrupts and such), timekeeping tools like ntp just aren't going to work reliably inside a VM when you do things like suspend it. Good document available here.

 

[Brazen]

Originally posted by: cleverhandle

But I haven't had any problem with that part. I have text-only VM's that sync just fine. Just make sure that the guest daemon is running and that you have the line tools.syncTime = "true" in your vmx file. No special configuration of the guestd is necessary apart from just making sure it's running.

vmx file? As in the file on the host? I didn't even know that was an editable file?! So I just checked it and it is. Well, I had tried to find how to do that. I googled and I asked in the VMWare forums to no avail. Thanks. I'll quit messing with ntp on the guests then.