[Samba] how to allow ISC dhcpd to add/update entries to bind9 with bind_dlz (samba4)

Andreas Oster aoster at novanetwork.de
Sun Mar 18 11:22:33 MDT 2012


On 18.03.2012 16:19, steve wrote:
> On 17/03/12 18:00, Andreas Oster wrote:
>> I want to achieve the following:
>>
>> 1) allow non-Windows machines (printers, ILO ...) to be added by dhcpd
>> 2) allow Windows machines (joined to AD) to update their own entries
>>
>> 2 - already works with the configuration from samba wiki
>>
>> Thank you for your kind help
>>
>> best regards
>>
>> Andreas
>>
> Hi
> I'm not sure if this is what you mean but we have a lan of windows and
> linux clients under s4. Both win and Linux clients get their IP via
> dhcp. You can see the Kerberos dialogue reveal the IP when the box first
> connects. It is a different IP after each boot. So, if Linux counts as
> non windows, then yes, it works. We did nothing apart from adding the
> dlz stuff to bind.
> Cheers,
> Steve
> 
Hello Steve,

maybe I did not understand the concept behind this secure dynamic DNS
stuff between samba4 and bind9 with bind_dlz module. I thought that the
following bind9 config (from samba4 howto) only allows principal
dns-"sambaserver" to add/remove/modify DNS entries:

options {
 [...]
 tkey-gssapi-keytab "/usr/local/samba/private/dns.keytab";
 [...]
 };

Also, from reading some postings, I got the impression that members of
the domain (windows workstations, member servers) should be able to
update their DNS entries. But what about network clients that get their
IP via DHCP and which have no machine entry in the AD? How can their
names be added to the bind9 database dynamically? How can I enable the
dhcp daemon on another linux server to update the entries for these
network clients?

Thank you for your kind help

best regards

Andreas


