samba4 dns related question
Matthieu Patou
mat at samba.org
Tue Sep 27 02:34:58 MDT 2011
On 26/09/2011 15:28, Jeff Sadowski wrote:
> My first domain controller on my domain was a windows 2003 machine
> with DNS. Recently I added my samba4_test18(a week ago) to my domain.
> I setup the windows DNS server to allow my linuxdc to zonetransfer and
> setup bind to be a slave for that domain. Everything works as it should
> however ...
>
> I want to be clever and was hoping that someone may know how to set
> it up so that I can have local machines be used as domain controllers
> for local machines
> I was thinking all I would need to do was to have the DNS for the A
> record of the domain name only respond with the local machines. Not
> being a 100% is this correct?
> Is there a way to setup bind to do a mostly zone transfer but only
> leave a couple DNS entries for the domain name?
>
> Examples:
> How it is now
> my ip is 192.168.0.100
> domain controllers are 192.168.0.2, 192.168.0.3, 192.168.1.2, 192.168.2.2
>
> nslookup mydomain.local
> Server: DC1
> Address: 192.168.0.2
>
> Name: mydomain.local
> Addressess: 192.168.0.2
> 192.168.0.3
> 192.168.1.2
> 192.168.2.2
>
> I'd like it that if I query one of the other linux dc's that I could
> get something like so
> nslookup mydomain.local
> Server: LinuxDC02
> Address: 192.168.0.3
>
> Name: mydomain.local
> Addressess: 192.168.0.2
> 192.168.0.3
>
> and the ones in the other offices to display the ones closer to them
> so that if it doesn't need to go to the main office it doesn't.
You can't: all the DCs register themselves as having "mydomain.local"
pointing to them.
In order to solve your problem you have to define sites; computers
in one site will usually ask for a DC by making the following DNS request:
host -t SRV _ldap._tcp.<sitename>._sites.domain.local.
The same goes for sysvol and netlogon: the DFS referral protocol returns
the DCs closest to the computer first.
For new computers and computers moving from one site to another, it has to
be tested; I'm pretty sure we try to implement this, but we might still
have bugs.
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
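
The site-based lookup described in the reply above, as an added example that is not part of the original message or of Samba's code. It models a client trying the site-specific SRV name first and falling back to the domain-wide one. The site names, the subnet table, and the SRV data are constructed from the addresses in the question; deriving the site straight from a subnet table is a simplification.

```python
import ipaddress

DOMAIN = "mydomain.local"

# Constructed site layout: site names are hypothetical, subnets follow
# the addresses used in the question.
SITES = {
    "MainOffice": "192.168.0.0/24",
    "Branch1": "192.168.1.0/24",
    "Branch2": "192.168.2.0/24",
}
ALL_DCS = ["192.168.0.2", "192.168.0.3", "192.168.1.2", "192.168.2.2"]


def srv(ips):
    """Build constructed SRV tuples: (priority, weight, port, target).
    Targets are shown as IPs for brevity; real SRV targets are host names."""
    return [(0, 100, 389, ip) for ip in ips]


# Constructed zone data, keyed by lower-cased owner name.
ZONE = {
    "_ldap._tcp.mydomain.local.": srv(ALL_DCS),
    "_ldap._tcp.mainoffice._sites.mydomain.local.": srv(ALL_DCS[:2]),
    "_ldap._tcp.branch1._sites.mydomain.local.": srv(ALL_DCS[2:3]),
    "_ldap._tcp.branch2._sites.mydomain.local.": srv(ALL_DCS[3:]),
}


def site_for(client_ip):
    """Return the site whose subnet contains client_ip, or None."""
    addr = ipaddress.ip_address(client_ip)
    for site, subnet in SITES.items():
        if addr in ipaddress.ip_network(subnet):
            return site
    return None


def locate_dcs(client_ip, zone=ZONE):
    """Try the site-specific SRV name, then the domain-wide one.
    Returns (name that answered, targets ordered by SRV priority)."""
    names = [f"_ldap._tcp.{DOMAIN}."]
    site = site_for(client_ip)
    if site:
        names.insert(0, f"_ldap._tcp.{site}._sites.{DOMAIN}.")
    for name in names:
        records = zone.get(name.lower())  # DNS names are case-insensitive
        if records:
            ordered = sorted(records, key=lambda r: r[0])
            return name, [target for _p, _w, _port, target in ordered]
    return None, []
```

A client at 192.168.0.100 gets only the two main-office DCs, while a client in no known subnet gets all four from the domain-wide name.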