title: use ntpd, please. link: https://onemoretech.wordpress.com/2007/12/19/use-ntpd-please/ author: lembobro description: post_id: 589 created: 2007/12/19 22:06:17 created_gmt: 2007/12/19 22:06:17 comment_status: open post_name: use-ntpd-please status: publish post_type: post

use ntpd, please.

Every enterprise identity management system I’m aware of requires some kind of time synchronization. Unfortunately implementing this often falls off the to-do list of many sysadmins. Most modern Unix distributions include the ntpd daemon out of the box, and Windows provides a similar facility.

On a Red Hat derived system you can set the time as root using ntp by invoking the ntpdate tool.

ntpdate [ntp server name or IP]

Once you’ve synchronized with the time server using ntpdate, you should edit ntp.conf to include your preferred time server (or servers).

I usually comment out what’s already configured and add something like this to the bottom of the /etc/ntp.conf file:

`

server ntp.mydomain.com
restrict ntp.mydomain.com mask 255.255.255.255 nomodify notrap noquery

`

Finally, start the daemon and set things up so it’s automatically restarted when the box is rebooted.

/sbin/service ntpd start

/sbin/chkconfig ntpd on

That’s all there is to it.

If your local Unix sysadmin who’s spent a few too many years managing Solaris or AIX systems gives you a hard time about this tell ‘em Eldapo said this is the way things work in ID Management, and if they have a problem with it — to go talk to the auditors.

Copyright 2004-2019 Phil Lembo