Debian server will not update from NTP from Windows Server 2003
 

Hello everyone. My first post here although I have been lurking for a while. I hope I have put this in the right place and if not I'm sure someone will move it to it's correct home.

I am having an issue getting my Debian x64 server to sync time with my local NTP server on my network which is running Windows Server 2003. Both of these machines are running in a VM. I can sync time with another client on my network to the Server 2003 machine just fine with no issues. My Debian server can sync time with another time server, just not the Windows 2003 server on my LAN. The error that I am getting is the following:

"ntpdate[7988]: no server suitable for synchronization found"

I have googled and googled and googled and searched this forum to no avail. I have started over many, many times to no avail. I configured iptables correctly and the firewall on my router correctly and the firewall on Server 2003 correctly.

I don't know why this won't work and I'm at a loss. I hope that someone here can give me a hand in this. If there's any information you need from me please let me know and I'll provide it. Thank you in advance

you need to pay more attention to NTP, and not just live with that error code. add a few -v's and you'll more than likely find a firewall issue in place. add the AD server to your /etc/ntp.conf as "server 12.34.45.56" as appropriate and start the server. give it a few minutes, then run "ntp -pn" and then you'll see its long term view of the servers ntp, if it's listed as strata 16 then it can't even reach it.

I tried switch -v with no success. Gives the same error. I also had already added the server to /etc/ntp.conf as well. The command "ntp -pn" doesn't work as it says "ntp: command not found". Tried to do a apt-get install ntp with no luck. Thank you for your help but I'm still stuck with this not working. If there's anything else you can think of, please let me know. Thank you.

EDIT: Also, when I try to do sudo ntpdate time.windows.com, I get the same error. However, if I try sudo ntpdate nist1-chi.ustiming.org, it works just fine. Is that not weird?

sorry, "ntpq -pn" (ntp query)

you'll still get the same errors, but you should get additional info to help you know what the problem is.

Gives me a "ntpq: read: Connection refused". I am assuming the connection from my Windows Server is refusing the connection from my Debian server? That wouldn't make any sense as my Ubuntu client and my other Windows 7 client can get time updates just fine from the Windows 2003 server.

no, that means you're not running an ntp daemon locally. ignore that for now then and stick with ntpdate, adding -v's and posting useful output here.

Here's what I have for output so far:
Works with a time server that's external just fine:
Debug from ntpdate:

Shameless bump to the top. I still have not found a resolution for this.

OK, so it looks like it's a windows issue to me. There's a tool which you can use on windows, equivalent to the ntpq command on linux, which i *think* is "w32tm /query /status" it should largely mirror the later output of ntpdate in a different format.

Oh, but then it says the windows service is synced to itself (LOCL)? it's probably jsut discounting that data as that server isn't reliably synced to anything else, so the time is not in any way reliable.

What's weird is that if try to sync time doing "sudo ntpdate time.windows.com" it won't sync the time but if I try any other server from http://tf.nist.gov/tf-cgi/servers.cgi, my Debian server will sync with any of them. Does that help maybe narrow the problem? Also, my iptables looks like the following: