[Samba] Dynamic Updates to Bind DLZ through DHCP have repeated errors in syslog
ralph strebbing
blackbirdralph at gmail.com
Wed Jan 27 20:43:52 UTC 2021
So I'm upgrading our current NT4 domain to Samba AD with Bind9 DNS. Our
current DHCP/DNS setup is on one server, separate from the Domain server.
With Samba AD, we'll be using Samba's tools to manage the DNS, thus
allowing use of things like the Windows Server Admin Tool suite (DNS, AD
Users & Groups, etc.). So Bind9, isc-dhcp-server, and Samba is all going to
be on the same machine for the new setup.
The new domain runs on domain.com, not ad.domain.com, this is intentional.
The entire org runs on this domain.com domain, including full resolution of
hostname through DNS. Our current setup syncs the records through rndc_key
(Seems similar to this guide:
http://www.debianadmin.com/howto-setup-dhcp-server-and-dynamic-dns-with-bind-in-debian.html),
though this was setup by my predecessor.
Following Samba's Guide (
https://wiki.samba.org/index.php/Configure_DHCP_to_update_DNS_records_with_BIND9
) on how to set this up, I noticed some glaring issues in /var/log/syslog once
we started passing some traffic to this server. Most notably being various
uncaught exceptions from leases expiring/DHCP renewals. Looking deeper,
this is caused from the script not having all of the required args that
samba-tool requires to delete an entry in DNS, specifically the Record name
(e.g if the record was my-pc.domain.com, it isn't passing the my-pc piece).
Below are my configurations of BIND and DHCP, as well as some log snippets:
BIND Configuration files:
named.conf.options
http://haste.thegamingcorner.net/yawevezozi.cs
named.conf.local
include "/var/lib/samba/bind-dns/named.conf";
DHCP Configuration files:
http://haste.thegamingcorner.net/rowukatuge.cpp
/var/log/syslog snippets (multiple haste links):
This one shows a lease expiration and renewal, but unsuccessful on the DNS
script run: http://haste.thegamingcorner.net/ibixayefek.sql
This one is showing that when the lease expires, the script provided from
the above guide isn't using the required arguments from samba-tool, causing
a fail condition on the dhcp-dyndns script:
http://haste.thegamingcorner.net/ewinedeyos.sql
My question boils down to: Is this the best way to handle DHCP updating
non-domain bound devices (e.g IP Phones, independent PCs, etc.) in AD's
DNS? Have there been any revisions to the script/the hooks in dhcpd.conf to
allow for these args to be pulled? We have a need for all devices on the
network to be added to DNS once DHCP issues a lease for remote support, so
it's critical that this piece be working correctly before moving this to
production.
Let me know if there's anything else needed to help answer this, and I
appreciate any help given!
Regards,
Ralph
More information about the samba
mailing list