Fix time skew issues in Kerberos environments by syncing your system time with a Domain Controller using systemd-timesyncd and ntpdate.
This script is especially useful in penetration testing labs or Active Directory environments where Kerberos authentication fails due to clock drift (krb_ap_err_skew(clock skew too great)).
This is the standard location for custom system-wide scripts:
sudo cp Time_Skew_Fix.sh /usr/local/bin/Time_Skew_Fix.shsudo chmod +x /usr/local/bin/Time_Skew_Fix.shRun the script with the IP address of your Domain Controller:
sudo Time_Skew_Fix.sh <domain_controller_ip>β Example:
sudo Time_Skew_Fix.sh 10.129.XX.XX- Installs required time synchronization packages
- Enables and configures
systemd-timesyncd - Adds the Domain Controller as the NTP server
- Forces a manual sync using
ntpdate - Prints the time sync status
Make sure the following packages are installed:
systemd-timesyncdntpdateutil-linux
(Optional) You can run the included requirements.sh script to install them automatically:
sudo ./requirements.shMIT β use freely, modify openly, share proudly.