NTP Sync Issues
Article ID: 102387
Updated On:
Products
CA Privileged Access Manager - Cloakware Password Authority (PA)
CA Privileged Access Manager (PAM)
Issue/Introduction
Customer has followed CA PAM documentation and configured the NTP Servers, but is still unable to turn the cluster on - CA PAM returns errors related to NTP. Why is this happening?
Environment
CA PAM 3.x
Resolution
Customer has used Windows servers as NTP Servers. Although there are no official restrictions to this configuration, on most environments Windows Time Servers will fail to provide CA PAM a correct time response.
Windows Time Servers are not standard NTP implementations (details here) and, because of this, CA PAM fails to sync its clock. The screenshot below shows an example of Windows Time Servers being rejected by CA PAM. The configuration is correct, the servers are reachable, but they are unable to sync:
To get rid of this issue we recommend the use of standard NTP servers, Unix/Linux based.
Attachments
Feedback
Yes
No
Powered by
