EasyManua.ls Logo

EndRun Sonoma D12 - Restrict Query Access - NTP

EndRun Sonoma D12
172 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
S o n o m a U s e r M a n u a l
28
C H A P T E R T H R E E
29
S o n o m a U s e r M a n u a l
N E T W O R K T I M E P R O T O C O L ( N T P )
Configuring the NTP Server above will be assumed in the example conguration commands shown
here.
You have installed NTP on your client computer.
You have successfully performed the Windows: Basic NTP Client Setup on your client computer.
Create the ntp.keys File
You must create a le named ntp.keys in the /program files/ntp/etc directory (for example). It must
be a copy of the one residing in the /etc directory of your Sonoma. You can telnet into your So-
noma and start an ftp session with your client computer to send the Sonoma /etc/ntp.keys le to your
client computer, or use the secure copy utility scp, or use a text editor to create the equivalent le.
Although you should rst test your setup using the factory default /etc/ntp.keys le in your Sonoma
server, you should create your own keys after you understand the process and have your clients oper-
ating correctly with the default le.
Handling of the \program files\ntp\etc\ntp.keys file is the weak link in the MD5 authentication
scheme. It is very important that it is owned by “administrator” and not readable by anyone other than
“administrator”.
After transferring the file, make sure that its security properties are set such that it is readable only by the
“administrator”.
Configure NTP
Add these lines to the end of the ntp.conf le, but substitute your particular directory path for the one
shown (program files\ntp\etc):
keys \program files\ntp\etc\ntp.keys
trustedkey 1 2
Modify the line added previously in Windows: Basic NTP Client Setup so that authentication will be
used with the Sonoma server using one of the trusted keys, in this case, key # 1:
server 192.168.1.120 key 1
Restart ntpd.exe to have it begin using the Sonoma server with MD5 authentication. By default,
the NTP installation program installs ntpd.exe as a service called Network Time Protocol, and starts
it. You must use the Services utility in Control Panel to stop the Network Time Protocol service and
then restart it.
Use the NTP utility ntpq.exe to check that ntpd.exe is able to communicate with the Sonoma.
From a console window, after issuing the command
ntpq
IMPORTANT

Table of Contents

Related product manuals