Mixing DDNS from DHCP and Windows
Matthieu Patou
mat+Informatique.Samba at matws.net
Fri May 14 09:17:15 MDT 2010
Hello,

This is a tip for those who want to mix both because they have either
Linux clients or printers.

So basically you need to have your dhcp.mydomain.org granted for update.
Most howtos on the internet tell you to add

    allow-update { key "dhcp-key"; };

to the mydomain.org zone definition and also to the reverse zone(s).
But allow-update is incompatible with the grant notation used for the MS
DNS update.

The idea is to translate

    allow-update { key "dhcp-key"; };

to

    grant dhcp.mydomain.org wildcard *.mydomain.org TXT A AAAA;

Steps:

0) Test that DDNS in interim mode is working (using the allow-update).

1) Put the DHCP interim key in a file called /etc/bind/dhcp.key. The
key name MUST be the same as the one you give in the grant (I suggest
dhcp.mydomain.org), i.e.:

    key "dhcp.mydomain.org" {
        algorithm hmac-md5;
        secret "superPouperPassword";
    };

2) At the top of /etc/bind/named.conf add:

    include "/etc/bind/dhcp.key";

3) mydomain.org should have a line like this:

    include "/usr/local/samba/private/named.conf.update";

4) In the reverse zone(s) add a line like this:

    grant dhcp.mydomain.org wildcard *.90.16.172.in-addr.arpa. PTR;

5) Create the file /usr/local/samba/private/named.conf.update.static
with the following line:

    grant dhcp.mydomain.org wildcard *.mydomain.org TXT A AAAA;

6) Wait for Samba to regenerate the file
/usr/local/samba/private/named.conf.update

7) Check that the new /usr/local/samba/private/named.conf.update
contains the grant for dhcp.

8) Edit your /etc/dhcp/dhcpd.conf and add this:

    class "foo" {
        match if substring (option vendor-class-identifier, 0, 4) = "MSFT";
        ddns-updates off;
        allow client-updates;
    }

This is to prevent MS workstations/servers from using the DDNS from DHCP.

Matthieu.
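
Added example, not part of the original post or of Samba: a small Python check for steps 1, 4 and 7 that confirms the key name in dhcp.key is the identity used in the grant lines and that no zone text mixes allow-update with grant rules. The sample file contents are constructed, the helper names (key_names, grants, audit) are hypothetical, and the "no record types" check is an extra least-privilege test, not something the post asks for.

```python
import re

# Constructed samples standing in for the files named in the post.
DHCP_KEY = 'key "dhcp.mydomain.org" {\n algorithm hmac-md5;\n secret "PLACEHOLDER";\n};\n'
UPDATE_FILE = """update-policy {
    grant MYDOMAIN.ORG ms-self * A AAAA;
    grant dhcp.mydomain.org wildcard *.mydomain.org TXT A AAAA;
};
"""
REVERSE_ZONE = """zone "90.16.172.in-addr.arpa" {
    type master;
    update-policy { grant dhcp.mydomain.org wildcard *.90.16.172.in-addr.arpa. PTR; };
};
"""

KEY_RE = re.compile(r'\bkey\s+"?([^\s";{]+)"?\s*\{')
GRANT_RE = re.compile(r'\bgrant\s+(\S+)\s+(\S+)\s+(\S+)\s*([^;]*);')


def key_names(text):
    """Names of TSIG keys defined with a key "name" { ... } clause."""
    return set(KEY_RE.findall(text))


def grants(text):
    """(identity, rule type, name, [record types]) for every grant statement."""
    return [(i.strip('"'), r, n, t.split()) for i, r, n, t in GRANT_RE.findall(text)]


def audit(key_text, policies):
    """Return a list of problems; policies maps a label to config text."""
    problems = []
    keys = key_names(key_text)
    if not keys:
        problems.append("no key clause found in the key file")
    for label, text in policies.items():
        found = grants(text)
        if re.search(r'\ballow-update\b', text) and found:
            problems.append(f"{label}: allow-update mixed with grant rules")
        mine = [g for g in found if g[0] in keys]
        if not mine:
            problems.append(f"{label}: no grant names key {sorted(keys)}")
        for ident, rule, name, types in mine:
            if not types:  # a grant without types is not limited to A/AAAA/TXT/PTR
                problems.append(f"{label}: grant for {ident} on {name} lists no record types")
    return problems


if __name__ == "__main__":
    print(audit(DHCP_KEY, {"forward": UPDATE_FILE, "reverse": REVERSE_ZONE}) or "OK")
```

To use it on a real server, read the contents of /etc/bind/dhcp.key, the regenerated named.conf.update and each reverse zone definition into the arguments of audit().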