16.10 - Synchronizing Time on Database Nodes and Unity Servers with Time on the KDC - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)
  1. Navigate to the /etc directory and find the sample NTP configuration file, ntp.conf. The sample configuration file is similar to:
    ## server 127.127.8.0 mode 5 prefer
    
    ##
    ## Undisciplined Local Clock. This is a fake driver intended for backup
    ## and when no outside source of synchronized time is available.
    ##
    #server 127.127.1.0             # local clock (LCL)
    #fudge  127.127.1.0 stratum 10  # LCL is unsynchronized
    
    ##
    ## Outside source of synchronized time
    ##
    # server xx.xx.xx.xx   #IP address of server
    
    ##
    ## Miscellaneous stuff
    ##
    
    #driftfile /var/lib/ntp/drift/ntp.drift
    # path for drift file
    
    #logfile /var/log/ntp
    # alternate log file
    # logconfig =syncstatus + sysevents
    # logconfig =all
    
    # statsdir /tmp/                # directory for statistics files
    # filegen peerstats  file peerstats  type day enable
    # filegen loopstats  file loopstats  type day enable
    # filegen clockstats file clockstats type day enable
    
    #
    # Authentication stuff
    #
    # keys /etc/ntp.keys            # path for keys file
    # trustedkey 1 2 3 4 5 6 14 15  # define trusted keys
    # requestkey 15                 # key (7) for accessing server variables
    # controlkey 15                 # key (6) for accessing server variables
  2. Copy the sample NTP configuration and uncomment the lines that contain server xx.xx.xx.xx, driftfile, and logfile.
  3. On the server line, substitute the IP address for the KDC to which you want to synchronize the Teradata Database or Unity server, and add additional server lines for any other domain controllers that act as additional KDCs.

    You can use the following example to configure your file:

    Make sure to enter data that is valid for your system in all uncommented lines.
    ## server 127.127.8.0  mode 5 prefer
    
    ##
    ## Undisciplined Local Clock. This is a fake driver intended for backup
    ## and when no outside source of synchronized time is available.
    ##
    #server 127.127.1.0             # local clock (LCL)
    #fudge  127.127.1.0 stratum 10  # LCL is unsynchronized
    
    ##
    ## Outside source of synchronized time
    ##
    server 141.206.3.8  # IP address of server
    
    ##
    ## Miscellaneous stuff
    ##
    
    driftfile /var/lib/ntp/drift/ntp.drift # path for drift file
    
    logfile /var/log/ntp
    # alternate log file
    # logconfig =syncstatus + sysevents
    # logconfig =all
    
    # statsdir /tmp/                # directory for statistics files
    # filegen peerstats  file peerstats  type day enable
    # filegen loopstats  file loopstats  type day enable
    # filegen clockstats file clockstats type day enable
    
    #
    # Authentication stuff
    #
    # keys /etc/ntp.keys            # path for keys file
    # trustedkey 1 2 3 4 5 6 14 15  # define trusted keys
    # requestkey 15                 # key (7) for accessing server variables
    # controlkey 15                 # key (6) for accessing server variables
  4. Save the NTP configuration file in /etc/ntp.conf.
  5. To initiate the synchronization, enter the following:
    node_name:/# /etc/init.d/ntp start
  6. The synchronization process takes a few minutes to complete. To view the sequence as it takes place, enter:
    ntpq -p

    The system outputs something similar to:

    ntpq -p
     remote           refid   st t when poll reach   delay   offset  jitter
    =====================================================================
    *tusday700.td.te .GPS.    1 u  896 1024  377   77.267    5.317   0.193
     LOCAL(0)        LOCAL(0) 10 l   38   64  377    0.000    0.000   0.001
  7. Check the log file to verify that all the identified directory servers are synchronized. The log file looks similar to:
    Oct 16 12:42:55  node_name  ntpd[12387]: ntpd 4.2.0a@1.1213-r Tue Nov  8 17:39:08 UTC 2005 (1)
    Oct 16 12:42:55  node_name  ntpd[12387]: precision = 1.000 usec
    Oct 16 12:42:55  node_name  ntpd[12387]: Listening on interface wildcard, 0.0.0.0#123
    Oct 16 12:42:55  node_name  ntpd[12387]: Listening on interface wildcard, ::#123
    Oct 16 12:42:55  node_name  ntpd[12387]: Listening on interface lo, 127.0.0.1#123
    Oct 16 12:42:55  node_name  ntpd[12387]: Listening on interface eth0, 141.206.28.199#123
    Oct 16 12:42:55  node_name  ntpd[12387]: kernel time sync status 0040

    An entry appears for each synchronized directory server (KDC) and time server, identified by its IP address), as shown in the last line of log file.