Was there a time change at time.apple.com?
August 24, 2006 8:14 AM   Subscribe

Has anyone else noticed a time change on machines that sync to the time.apple.com NTP server?

Today we are having login difficulties because of kerberos time sync issues and all other conditions seem unaltered. (also suspicious the machines used to match the phone system and now they do not) Perhaps someone else out there has a time critical environment and has noticed this as well or can in some way confirm that it has not changed.
posted by milovoo to Computers & Internet (9 answers total) 1 user marked this as a favorite
 
Best answer: My Mac is synced to time.apple.com, and my Linux box is synced to rolex.usg.edu, and they're within a second of each other. I just resynced both to make sure, and they look fine here.

Could your OTHER source be out of whack?
posted by Malor at 8:20 AM on August 24, 2006


No issues here (Columbus, Ohio) on our 100+ Macs all synchronized to time.apple.com.
posted by crosten at 8:21 AM on August 24, 2006


Response by poster: Could your OTHER source be out of whack?

Hmm, good point, I'm checking. That seems weird but probably more likely if no one else sees any difference.
posted by milovoo at 8:32 AM on August 24, 2006


Could your computers have not been able to contact time.apple.com for some reason before (i.e. internet provider blockage, etc.), and now that they're back in synch with the remote clock, it knocked things out locally?
posted by SpecialK at 9:14 AM on August 24, 2006


Best answer: If your institution is running Kerberos, it should have all its users use one single time server, preferably run by the same IT crew. You really should not have users syncing to disparate, unconnected NTP services. That's one less variable in troubleshooting Kerberos ticket timestamping problems.

Contact your IT staff and ask them for the campus/company NTP server. If your group doesn't run one, push your management to run a proper Kerberos installation, or these issues will keep coming up.
posted by Blazecock Pileon at 9:23 AM on August 24, 2006


Well, to clarify what Blazecock said: you *will* be syncing to outside clocks... you should just be doing it from *one* master site clock, off which all your Kerberos clients chime. (I love that verb.)

Optimally, if you have a sufficiently sizeable Kerberos cluster, your site NTP server should be synced to at least 3 and maybe as many as 5 outside clocks, at least one of then either Strat 1 or GPS.

How are your clocks off, and all in the same direction?
posted by baylink at 10:56 AM on August 24, 2006


Set up a local NTP server and have it sync from time.apple.com or pool.ntp.org instead. then point the Kerb clients at that internal host. Works great.
posted by drstein at 11:10 AM on August 24, 2006


Response by poster: Aha! yes, they were set to two different NTP servers, one local and one apple. Strange. I set the problem machines to the local one, seems to work now. Thanks for the help.
posted by milovoo at 11:52 AM on August 24, 2006


FWIW, drstein, if he has a site clock, but it's *only* synced from time.apple.com, and there actually was a problem where their clock went insane (which NANOG hasn't mentioned, but no one there would notice, since they don't single-sync their clocks :-), then he could have the same problem...
posted by baylink at 11:53 AM on August 24, 2006


« Older Why isn't this shampoo advertised?   |   On line picture framer Newer »
This thread is closed to new comments.


Tags

Share