Samba4 and Bind on separate servers

tridge at samba.org
Tue Jun 21 19:17:25 MDT 2011


Hi Dave and Peter,

 > > Does Samba4 need DNS to be running on the same server or can I get away with
 > > DNS being on a separate server?
 > 
 > 
 > It appears that samba_dnsupdate uses nsupdate which updates your zone
 > files wherever the name server is (local or remote). 

yes, that's right, although there is one aspect of our DNS setup that
needs to be local at the moment.

With the current default config the samba daemon maintains a file
called named.conf.update which is included in the named.conf. That
file contains a list of ACLs that allow other DCs in the domain to add
their required DNS entries (such as SRV entries) to the DNS domain.

The named.conf.update is automatically updated by the samba daemon
when it sees a new DC appear in the domain. See
source4/dsdb/dns/dns_update.c in the function dnsupdate_rebuild() for
the code details.

So if you ran the DNS server remotely, then you wouldn't get updates
to this file. You could periodically sync it via some other method
(eg. rsync) or you could update it manually when you add a new DC.

Once we've switched over to using the new bind9 plugin method for DNS
updates in Samba4 then this file won't be needed, although in that
case the DNS server will still need to be running Samba, as the DNS
database will then be stored directly in the AD ldap store.

Cheers, Tridge
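The periodic-sync option Tridge mentions, as an added example that is not from the thread or from Samba: a POSIX shell function that pushes named.conf.update to the host running named only when its content changed, refuses an empty or truncated file, and then reloads BIND. The paths, the NAMED_CONF variable and the reload command are assumptions.

```shell
#!/bin/sh
# Added example (not Samba's own code): push the samba-generated
# named.conf.update to the host that runs named, only when its content
# changes, then reload BIND. Paths and the reload command are assumptions;
# the named.conf on the DNS host must still include the pushed file.
#
# usage: sync_named_update SRC DEST [RELOAD_CMD]
#   SRC         named.conf.update written by the samba daemon on the DC
#   DEST        path on the DNS host (a local path here; for a remote host
#               replace cp below with rsync/scp over a restricted account)
#   RELOAD_CMD  run after a successful copy, e.g. "rndc reload"
# exit status: 0 copied and reloaded, 3 unchanged, 1 refused or failed
sync_named_update() {
    src=$1; dest=$2; reload=${3:-:}
    [ -s "$src" ] || { echo "refusing: $src missing or empty" >&2; return 1; }
    # Pushing a half-written include would stop named from loading at all:
    # require balanced braces before anything leaves this host.
    opens=$(tr -cd '{' < "$src" | wc -c | tr -d ' ')
    closes=$(tr -cd '}' < "$src" | wc -c | tr -d ' ')
    [ "$opens" -eq "$closes" ] || { echo "refusing: unbalanced braces in $src" >&2; return 1; }
    # Skip the copy (and the reload) when nothing changed since the last sync.
    if [ -f "$dest" ] && [ "$(cksum < "$src")" = "$(cksum < "$dest")" ]; then
        return 3
    fi
    mkdir -p "$(dirname "$dest")" || return 1
    tmp="$dest.tmp.$$"
    cp "$src" "$tmp" && mv "$tmp" "$dest" || { rm -f "$tmp"; return 1; }  # atomic replace
    # If NAMED_CONF names the full BIND config on this host, validate it before reloading.
    if [ -n "${NAMED_CONF:-}" ] && command -v named-checkconf >/dev/null 2>&1; then
        named-checkconf "$NAMED_CONF" || { echo "named-checkconf failed; not reloading" >&2; return 1; }
    fi
    sh -c "$reload"
}

# Demo on a constructed ACL file (the real file's contents come from samba
# and are not reproduced here); status 3 on the second call means "unchanged".
demo=$(mktemp -d)
printf '/* constructed sample */\nacl dcs { 192.0.2.10; 192.0.2.11; };\n' > "$demo/named.conf.update"
sync_named_update "$demo/named.conf.update" "$demo/dns-host/named.conf.update" 'echo "would run: rndc reload"'
sync_named_update "$demo/named.conf.update" "$demo/dns-host/named.conf.update" 'echo reload' || echo "status $?"
rm -rf "$demo"
```

Run it from cron on the DC with the real path and an rsync/scp step in place of cp; the reload only fires when a copy actually happened.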

