Identity Management: DISABLING A CHRONY DISPATCHER SCRIPT?

nasheayahu · March 13, 2023, 5:04am

I’m installing and configuring a Identity manager server (FreeIPA) and in

28.4. DISABLING A CHRONY DISPATCHER SCRIPT

if you configure certain interfaces or routes outside of NetworkManager, you can
encounter the following situation:

The dispatcher script might run when no route to the NTP servers exists, causing the NTP servers to switch to the offline state.
If you establish the route later, the script does not run again by default, and the NTP servers remain in the offline state.

Is it a normal practice to disable the dispatcher script for this setup?

label · March 13, 2023, 5:20am

That section is for situations as noted, where you are configuring interfaces/routes outside of Network Manager, which would be highly unusual for FreeIPA domain controllers. As network manager is the default way to handle interfaces and more often than not most configuration is done there, this section is likely talking about a very specific edge case.

With that being said, it is not normal practice to disable the dispatcher for FreeIPA domain controllers. What FreeIPA cares about the most is having all clocks synced. In my opinion, you need to make sure your domain controllers (and IPA clients) can freely talk and communicate with whatever NTP servers that are configured, whether they are internal to you or the default NTP servers configured in chrony.

Topic		Replies	Views
RPM for NetworkManager utilities for gateway configurations Rocky Linux Help & Support	7	441	August 24, 2023
Setting up NTP synchronization Rocky Linux Help & Support	4	25184	August 25, 2023
Rocky NTP server Rocky Linux Help & Support	5	3691	August 25, 2023
Naming Scheme - Rev 1 Infrastructure	43	2731	August 25, 2023
Why run chronyd and ntpd concurrently? Rocky Linux Help & Support	5	2075	August 25, 2023

Identity Management: DISABLING A CHRONY DISPATCHER SCRIPT?

Related topics