Samba4 and Bind on separate servers
Dave Craft
wimberosa at gmail.com
Tue Jun 21 08:07:49 MDT 2011
> Does Samba4 need DNS to be running on the same server or can I get away with
> DNS being on a separate server?
It appears that samba_dnsupdate uses nsupdate which updates your zone
files wherever the name server is (local or remote). I would assume this
would work if you get your authentication (shared secret) set up correctly
between the DC and the DNS server. (see /usr/local/samba/private/dns.keytab
and environment variables KEYTAB_FILE and KRB5_KTNAME for bind).
You would also have to copy over the proper named.conf and named.conf.update
as well as the zone files produced during the AD provision to your appropriate
place on the name server (see /usr/local/samba/private/named.* and
/usr/local/samba/private/dns.*)
I originally was attempting something like this because I didn't want samba
to take over my name server since it contained my other (non AD using machines).
Eventually I decided the best way to handle it was to allow samba to have its
own subdomain (e.g. samba.example.com) off my main domain (e.g. example.com)
and then add a slave record to the the samba dns server for
example.com. In this
manner the nameserver on the samba DC can handle anything in the
samba.example.com
domain and it can punt to the main nameserver for (e.g. example.com)
for the rest of my nodes.
zone "example.com" in {
type slave;
masters {192.168.1.120;};
};
If you successfully manage new ways of doing this then send me a note because
this is one of the sections in the samba 4 deployment guide that needs
to be written up.
--
Regards, Dave
Cut the headlights and put it in neutral.
More information about the samba-technical
mailing list