Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
If you have an AD that is not properly synchronized you are in a special kind of hell...
And the PDC must use an external time server....
Kerberos / ticket based auth relies on - and tons of other stuff.
As much as I hate Windows, this is an config problem.
I'd be worried that you haven't noticed it earlier 😱
(had my fun with stuff like that a long time ago, took a lot of time to figure out that the auth wasn't working because a clock skew existed) -
@IntrusionCM Well internally, Kerberos was delighted because all the computers were in sync.
Then the main NAS decided it wanted to ask the Internet what time it was, and magic started happening.
Then I get comments like "Yeah, Chrome was doing something earlier this week with a red screen, but we googled it away.
Yo... big red screens are something important I should be told about.
Then they mentioned that they were using Chrome because Internet Explorer was just saying the Internet didn't exist.
:headdesk: -
@Tsaukpaetra have a cookie and a blanket. Sounds like fun time.
-
Yeah.. Not an easy thing time. Also I believe Microsofts main time (ntp?) server is overloaded lots of the time.
We have plenty of issues in our software when the database has a time that's off by more than 1 minute from the client pcs. Sigh.
Perhaps we should introduce an active directory server then 🤔 -
@jkommeren Technically you don't need an active directory server, just ja local NTP server you designate as the One True Source, which you tell all your other PCs to sync with.
The only trouble is when your source is not actually reliable and gets out of sync with the rest of the world (as in this case). -
@IntrusionCM well let me explain,
My lead appears to be terrified of setting up our own ntp servers (at customers)
I thought in our case ad might help, setup complexity wise (as we won't have to update our clients?) but I guess setting up proper time servers is a better option 👍 -
@jkommeren Yeah, making an AD would be the opposite of simple. I wouldn't set one up solely to make all the machines have the right time.
Doing so to publish settings and make things consistent between stations, mapping drives, etc. Now that's more of a suggestion that incidentally also fixes the original ask. But it's usually not going to outweigh the downsides of having to ensure all the stations are Pro, setting the directory up, joining them to the directory, and all the administrative overhead incurred.
AD is pretty good if you're already complicated, if your needs aren't that and you need only the one thing, keep it simple. 😇
So, most (if not all) modern operating systems sync their time with some trusted source (like the Internet) right? Windows included. All is well.
When your Windows 10 computers are joined to a domain, it thence relies on your local neighborhood domain controller to tell it the time. Sounds good, since domain controllers Never Go Down, right? All is well.
Services are all being cloud-ified, which means virtual machines. The domain controllers have suffered this fate, but everything is smooth and buttery. All is well.
Wait, the VM's clock is running slow. Uh oh....
Wait, isn't it supposed to ask the Internet?
Well, no. Domain Controllers decide that They Know All, and stop asking the Internet for its opinion.
This causes problems, but only ever so slowly, and it took me noticing all the computers seemed to be ten minutes slow compared to my phone (and well everyone else's phone) to realize what had happened.
Thanks, Windows...
rant
ntp
let's go together
dates are hard