Go to main content

Oracle^® ZFS Storage Appliance Administration Guide, Release OS8.7.x

Exit Print View

» ...Documentation Home » Oracle ZFS Storage ZS5-ES Documentation ... » Oracle^® ZFS Storage Appliance ... » Appliance Services » Configuring Services » NTP Configuration » NTP Properties

Updated: September 2017

Oracle^® ZFS Storage Appliance Administration Guide, Release OS8.7.x

Document Information

About Oracle ZFS Storage Appliance

Configuring the Appliance

Appliance Services

Managing Services

Configuring Services

Active Directory Configuration

Joining an AD Domain (BUI)

Joining an AD Workgroup (BUI)

Configuring Active Directory (CLI)

Active Directory Join Domain

Active Directory Domains and Workgroups

Active Directory Windows Server Support

DNS Configuration

Configuring DNS (BUI)

Configuring DNS (CLI)

Testing Hostname Resolution (CLI)

Adding a DNS Server (BUI)

Adding a DNS Server (CLI)

Viewing DNS Server Status (BUI)

Viewing DNS Server Status (CLI)

DNS Properties and Logs

Active Directory and DNS

Non-DNS Resolution

DNS-Less Operation

Dynamic Routing Configuration

FTP Configuration

Adding FTP Access to a Share (BUI)

HTTP Configuration

Adding HTTP Access to a Share (BUI)

HTTP Properties and Logs

HTTP Authentication and Access Control

Object Store Configuration

HTTPS Configuration

HTTPS Properties and Logs

Identity Mapping Configuration

Configuring Identity Mapping (BUI)

Configuring Identity Mapping (CLI)

Creating a Mapping Rule (BUI)

Creating a Mapping Rule (CLI)

Viewing a Mapping (BUI)

Flushing Mappings from the Cache (BUI)

Flushing Mappings from the Cache (CLI)

Identity Mapping Best Practices

Identity Mapping Concepts

Cached and Ephemeral Mappings

Identity Mapping Case Sensitivity

Mapping Rule Directional Symbols

IPMP Configuration

iSCSI Configuration

Kerberos Configuration

Creating a Kerberos Realm (BUI)

Creating a Kerberos Realm (CLI)

Importing Kerberos Keys (BUI)

Importing Kerberos Keys (CLI)

Creating Kerberos Principals and Keys (BUI)

Creating Kerberos Principals and Keys (CLI)

Deleting Kerberos Principals and Keys (BUI)

Deleting Kerberos Principals and Keys (CLI)

Destroying a Kerberos Realm (BUI)

Destroying a Kerberos Realm (CLI)

Kerberos Service Properties

Kerberos Properties and Logs

LDAP Configuration

Adding an Appliance Administrator (BUI)

Setting Properties with Multiple Attribute Value Pairs (CLI)

Configuring LDAP Security Settings (BUI)

Configuring LDAP Security Settings (CLI)

Monitoring LDAP Server Status (BUI)

Monitoring LDAP Server Status (CLI)

LDAP Properties

LDAP Custom Mappings

NDMP Configuration

NDMP Local vs. Remote Configurations

NDMP Backup Formats and Types

NDMP Backup with Types dump and tar

NDMP Backup with Type zfs

NDMP Incremental Backups

Replica Backups

NDMP Properties and Logs

NFS Configuration

NFS Service Properties

Configuring Kerberos Realms for NFS

NFS Logs and Analytics

NFS Naming Service Dependencies

Sharing a Filesystem Over NFS

NIS Configuration

Adding an Appliance Administrator from NIS (BUI)

NIS Properties and Logs

NTP Configuration

Setting Clock Synchronization (BUI)

Configuring NTP (CLI)

Phone Home Configuration

Registering the Appliance (BUI)

Registering the Appliance (CLI)

Changing Account Information (BUI)

Phone Home Properties

RESTful API Configuration

Service Tags Configuration

SFTP Configuration

Adding SFTP Access to a Share (BUI)

Configuring SFTP for Remote Access (CLI)

SFTP Properties, Ports, and Logs

Shadow Migration Configuration

SMB Configuration

SMB Service Properties

Setting Properties to Export Shares over SMB

NFS/SMB Interoperability

SMB DFS Namespaces

SMB Microsoft Stand-alone DFS Namespace Management Tools Support Matrix

Adding DFS Namespaces to a Local SMB Group

Adding SMB Autohome Rules (CLI)

Adding a User to an SMB Local Group

SMB MMC Integration

SMB Share Management

SMB Users, Groups, and Connections

Listing SMB Services

Configuring SMB (BUI)

Configuring SMB Active Directory (BUI)

Configuring SMB Project and Share (BUI)

Configuring SMB Data Service (BUI)

SMTP Configuration

SNMP Configuration

Configuring SNMP to Serve Appliance Status (BUI)

Configuring SNMP to Send Traps (BUI)

SNMP Properties

SRP Configuration

SSH Configuration

Disabling root SSH Access (CLI)

SSH Properties and Logs

Syslog Configuration

Classic Syslog: RFC 3164

Updated Syslog: RFC 5424

SYSLOG Message Format

SYSLOG Alert Message Format

Example Configuring an Oracle Solaris Receiver (CLI)

Example Configuring a Linux Receiver (CLI)

System Identity Configuration

System Identity Properties and Logs

TFTP Configuration

Adding TFTP Access to a Share (BUI)

Virus Scan Configuration

Configuring Virus Scanning for a Share (BUI)

Virus Scan Properties and Logs

Virus Scan File Extensions

Scanning Engines

Shares and Projects

Shadow Migration

Snapshots and Clones

Remote Replication

Data Encryption

Maintenance Workflows

Language:

NTP Properties

The following NTP properties are available at Configuration > Services > NTP:

Table 80 NTP Properties

Property	Description	Examples
Discover NTP server via multicast address	Enter a multicast address here for an NTP server to be located automatically	224.0.1.1
Manually specify NTP server(s)	Enter one or more NTP servers (and their corresponding authentication keys, if any) for the appliance to contact directly	0.pool.ntp.org
NTP Authentication Keys	Enter one or more NTP authentication keys for the appliance to use when authenticating the validity of NTP servers. See Figure 81, Table 81, NTP Private Keys and Integers.	Auth key: 10, Type: ASCII, Private Key: SUN7000

Validation - If an invalid configuration is entered, a warning message is displayed and the configuration is not committed. This will happen if:

A multicast address is used but no NTP response is found.
An NTP server address is used, but that server does not respond properly to NTP.

Authentication - To prevent against NTP spoofing attacks from rogue servers, NTP has a private key encryption scheme whereby NTP servers are associated with a private key that is used by the client to verify their identity. These keys are not used to encrypt traffic, and they are not used to authenticate the client -- they are only used by the NTP client (that is, the appliance) to authenticate the NTP server. To associate a private key with an NTP server, the private key must first be specified. Each private key has a unique integer associated with it, along with a type and key. The type must be one of the following:

Table 81 NTP Private Keys and Integers

Type	Description	Example
DES	A 64-bit hexadecimal number in DES format	0101010101010101
NTP	A 64-bit hexadecimal number in NTP format	8080808080808080
ASCII	A 1-to-8 character ASCII string	topsecret
MD5	A 1-to-8 character ASCII string, using the MD5 authentication scheme.	md5secret

After the keys have been specified, an NTP server can be associated with a particular private key. For a given key, all of the key number, key type, and private key values must match between client and server for an NTP server to be authenticated.

Copyright © 2009, 2017, Oracle and/or its affiliates. All rights reserved.