[ntp:hackers] Protocol specification modification for MS-SNTP
abartlet at samba.org
Mon Jul 13 03:02:30 UTC 2009
On Sun, 2009-07-12 at 22:47 -0400, Danny Mayer wrote:
> Harlan Stenn wrote:
> > Danny wrote:
> >> The code should not be using Unix domain sockets. It needs to use either
> >> AF_INET or AF_INET6.
> > Why? What's the problem you are trying to solve?
> > H
> That's a point solution. The server can be anywhere.
We (the Samba Team) have no need for a broader solution. We are very
happy with the solution as proposed and implemented. Our users are also
very happy with the solution.
Please read MS-SNTP. In particular, please pay careful attention to:
> 1.5.1 Time Source Discovery and Selection
> The client must have a way of locating a time source that is a
> domain controller and that can establish a secure connection with the
> As specified in [MS-NRPC] section 18.104.22.168, Windows clients use the
> DsrGetDcName method in the Netlogon domain controller locator service
> to find their time sources. Each Windows domain controller configured
> to be a time source must set its domain control information flags with
> the appropriate time service flags, as specified in [MS-NRPC] section
As such, the NTP server and the domain controller are strictly required
to be the same host. There is no flexibility in real world operation to
be be gained in any generalisation here.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : https://lists.ntp.org/pipermail/hackers/attachments/20090713/d45aa2a1/attachment.bin
More information about the hackers