Punctuality is Important

Time keeping is especially important for Active Directory and Kerberos. I encountered an error when I was attempting to ssh into one of my AD enabled ESX hosts. The SSH error was “Permission Denied”, however after inspecting the logs (/var/log/messages) I discovered that pam_krb5 was throwing “Clock skew too great” errors.

This was odd to me, as I know every one of the ESX servers has NTP configured. Apparently ntpd died at some point, which caused the clock to begin losing time. Once the time difference between the domain controller and the ESX host exceeded 300 seconds (5 minutes), ESX no longer allowed me to login using AD credentials.

The fix was somewhat easy…reset the clock. Since I was able to login to the console, I did so as root, and executed ntpdate name.of.domain.controller, which forced it to sync the clock with the DC. After that was taken care of (which confirmed that it was ntp that broke), I went back to Virtual Infrastructure Client and reset the NTP settings for the host (it’s on the Configuration tab).

Podcast Junky

Hi, my name is Glenn and I am a Podcast junky.  My addiction reached the point that my wife gave me an IPOD Shuffle specifically for my podcast’s.  I consume between 15 – 20 hours of content a week!  Sounds like a lot I know, but here’s my secret…

I have kids whom I love dearly, but the little buggers took all my study time.  About a year ago I found a couple of techcast and started subscribing… I listen to them whenever I’m in my car, or doing chores around the house.  That my friend is how I stay up to date.  Today I got the latest scoop on ThinApp while I did the dishes.  If you haven’t discovered these little gems check them out who knows you might learn something.

Some of my current subscriptions: 

And this little gem I just found TODAY!