Cluster setup and Windows 2016 NTP server

book

Article ID: 145586

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM) CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

PAM v3.2.4 HF5 / Higher version

There is a Windows 2016 server with NTP service configured in the DR network. Also, there is a single PAM node on the secondary site (DR). When configuring multi-site clustering, for this PAM node, the NTP page shows errors and clustering is unsuccessful, "PAM-CMN-5113: NTP on this member is not properly configured"

Please advise,  if there is any specific/ special configuration required for the NTP server?

Cause

The cause for failure is the bad / slow response from the Windows 2016 NTP.  The Windows Server 2016 is an NTP client of pool.ntp.org and its time/clock is synced with the NTP pool servers (The server is at the same time the NTP server for other domain client systems).If there are too many hops to reach the NTP server as well the response may be slow or communication may be lost at times.

Environment

Release : All CA PAM Releases

Component : PRIVILEGED ACCESS MANAGEMENT

Resolution

To resolve this point PAM to the NTP appliances, or the actual NTP servers (like pool.ntp.org) which have a better communication mode are are much more stable. Try to provide the IP address of the NTP Appliances / Servers as this would be connecting to that IP appliance / server. After this cluster configuration is successful.