Mixing DDNS from DHCP and Windows

John H Terpstra jht at samba.org
Fri May 14 09:53:59 MDT 2010

On 05/14/2010 10:17 AM, Matthieu Patou wrote:
> Hello,
> It's a tip for those who want to mix both because they have either
> Linux clients or printers.
> So basically you need to have your dhcp.mydomain.org granted for update.
> Most howtos on the internet tell you to add
>  allow-update { key "dhcp-key"; }; to the mydomain.org zone definition
> and also to the reverse(s) zone(s).
> But allow-update is incompatible with the grant notation used for the MS
> DNS update.
> The idea is to translate  allow-update { key "dhcp-key"; }; to
> grant dhcp.mydomain.org  wildcard *.mydomain.org TXT A AAAA;
> Steps:
> 0) test that ddns in interim mode is working (using the allow-update)
> 1) put the dhcp interim key in a file called /etc/bind/dhcp.key and the
> key name MUST be the same as the one you give in the grant (I suggest
> dhcp.mydomain.org)
> ie.
> key "dhcp.mydomain.org" {
>   algorithm hmac-md5;
>   secret "superPouperPassword";
> };
> 2) at the top of /etc/bind/named.conf add: include "/etc/bind/dhcp.key";
> 3) mydomain.org should have a line like this: include
> "/usr/local/samba/private/named.conf.update";
> 4) in the reverse(s) zone(s) add a line like this:  grant
> dhcp.mydomain.org wildcard *.90.16.172.in-addr.arpa. PTR;
> 5) create the file /usr/local/samba/private/named.conf.update.static
> with the following line:
>         grant dhcp.mydomain.org  wildcard *.mydomain.org TXT A AAAA;
> 6) wait for samba to regenerate the file
> /usr/local/samba/private/named.conf.update
> 7) check that the new /usr/local/samba/private/named.conf.update
> contains the grant for dhcp.
> 8) edit your /etc/dhcp/dhcpd.conf
> And add this:
> class "foo" {
>   match if substring (option vendor-class-identifier, 0, 4) = "MSFT";
>   ddns-updates    off;
>   allow client-updates;
> }
> This is to prevent MS workstations/servers from using the DDNS from DHCP.
> Matthieu.


Perhaps you could add this to the wiki?  Seems to me this may be useful
info to others wishing to deploy samba4 with DDNS.

John T.
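
Added example, not part of the original thread: a small consistency check for steps 1 and 7 of the procedure quoted above, confirming that the TSIG key name matches a grant identity, that no allow-update remains next to the grant rules, and that the key is granted the expected record types. The function name, the required-type set and all sample config text (including the secret) are constructed for illustration.

```python
import re

KEY_RE = re.compile(r'\bkey\s+"?([\w.-]+)"?\s*\{')          # key "name" {
GRANT_RE = re.compile(r'\bgrant\s+(\S+)\s+(\S+)\s+(\S+)\s+([^;]*);')

def strip_comments(text):
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(?m)^\s*(//|#).*$', '', text)            # whole-line comments only

def check_ddns(key_conf, policy_conf, required=frozenset({"A", "TXT", "PTR"})):
    """Return a list of problems; an empty list means the texts are consistent."""
    problems = []
    policy = strip_comments(policy_conf)
    if re.search(r'allow-update\s*\{', policy):
        problems.append("allow-update still present alongside grant rules")
    granted = {}                                             # identity -> record types
    for ident, _matchtype, _name, types in GRANT_RE.findall(policy):
        granted.setdefault(ident, set()).update(types.split())
    for key in KEY_RE.findall(strip_comments(key_conf)):
        if key not in granted:
            problems.append(f"key {key!r} has no matching grant identity")
        elif required - granted[key]:
            missing = ", ".join(sorted(required - granted[key]))
            problems.append(f"key {key!r} is not granted: {missing}")
    return problems

# Constructed sample input, modelled on the lines quoted in the message.
KEY_FILE = '''key "dhcp.mydomain.org" {
  algorithm hmac-md5;
  secret "CONSTRUCTED-PLACEHOLDER==";
};'''
FORWARD = 'grant dhcp.mydomain.org  wildcard *.mydomain.org TXT A AAAA;'
REVERSE = 'grant dhcp.mydomain.org wildcard *.90.16.172.in-addr.arpa. PTR;'
GOOD_POLICY = FORWARD + "\n" + REVERSE

# Constructed failure case: old key name and a leftover allow-update.
OLD_KEY_FILE = KEY_FILE.replace("dhcp.mydomain.org", "dhcp-key")
OLD_POLICY = 'allow-update { key "dhcp-key"; };\n' + GOOD_POLICY

if __name__ == "__main__":
    for label, keys, policy in (("good", KEY_FILE, GOOD_POLICY),
                                ("old", OLD_KEY_FILE, OLD_POLICY)):
        print(label, check_ddns(keys, policy) or "OK")
```

In practice the policy text would be the contents of the regenerated named.conf.update concatenated with the reverse zone definitions.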
