I’m installing and configuring a Identity manager server (FreeIPA) and in
28.4. DISABLING A CHRONY DISPATCHER SCRIPT
if you configure certain interfaces or routes outside of NetworkManager, you can
encounter the following situation:
-
The dispatcher script might run when no route to the NTP servers exists, causing the NTP servers to switch to the offline state.
-
If you establish the route later, the script does not run again by default, and the NTP servers remain in the offline state.
Is it a normal practice to disable the dispatcher script for this setup?
That section is for situations as noted, where you are configuring interfaces/routes outside of Network Manager, which would be highly unusual for FreeIPA domain controllers. As network manager is the default way to handle interfaces and more often than not most configuration is done there, this section is likely talking about a very specific edge case.
With that being said, it is not normal practice to disable the dispatcher for FreeIPA domain controllers. What FreeIPA cares about the most is having all clocks synced. In my opinion, you need to make sure your domain controllers (and IPA clients) can freely talk and communicate with whatever NTP servers that are configured, whether they are internal to you or the default NTP servers configured in chrony.
1 Like