migration bind9 flat file to DLZ

Amitay Isaacs amitay at gmail.com
Wed Feb 8 01:16:56 MST 2012 

Hi Andreas,

On Mon, Feb 6, 2012 at 5:48 PM, Andreas Oster <aoster at novanetwork.de> wrote:
> Hello Amitay
> Am 06.02.2012 01:42, schrieb Amitay Isaacs:
>
> Hi Andreas,
>
> On Sun, Feb 5, 2012 at 1:20 AM, Andreas Oster <aoster at novanetwork.de> wrote:
>
> Hello Amitay,
>
> I had a look at your script and I am not sure if it does what I
> need.
> In our environment I did not provision samba but rather joined
> samba4 to an existing Windows AD. Then I have moved FSMO
> roles to samba4 and demoted the Windows server.
> This means that all the DNS stuff generated by the provision
> step is missing in my AD.
>
> When you join a domain, samba-tool uses provision code. Only as
> part of that provision, DNS bits are not provisioned.
>
> Do you know how to add the missing AD entries like
> dns-${hostname ?}, DnsAdmins ... ?
>
> I can add a check for dns accounts and adding them in upgradedns.
>
> I have started with my old bind9 setup without signed dns
> updates but would like to change that.
>
> Does your script support conversion of multiple flat files ? I currently
> have seperated the AD relevant DNS stuff into seperate zone files
> (_msdsc , _sites, _tcp and _udp)
>
> Well the script currently parses a single file as would have created by
> provision code with BIND9_FLATFILE as backend. You can merge
> both the zones in a single file and put it in the correct place, and
> upgradedns would be able to parse it. If you have not added any
> custom records in the zones, then you can actually specify
> --migrate=no, which will automatically create standard DNS
> records (for DC operation).
>
> Your AD database would be quite similar to the one provisioned with
> DNS backend of BIND9_FLATFILE. I suggest you try upgradedns
> (after I've added the check for DNS accounts), and check if that
> works for you.
>
> Thanks.
>
> Amitay.
>
> Combining the zone files is no problem, but what do you mean by "custom
> records" ?
> I have, for instance, a second samba DC which also has entries in the zone
> files and
> in the main zone file there are many static DNS entries. Do I have do remove
> those
> before migration ?
>
> I suspect the right place for the file would be /usr/local/samba/private/dns
> ?
>
> When adding the DNS account check, could you also take care of creating the
> dns.keytab
> file ?
>
> Thank you for your great efforts and kind help
>
> best regards
>
> Andreas

I have updated the upgradedns script to check for DNS accounts and create them
if they are missing.

Can you check if the script now works for you?

Thanks.

Amitay.

More information about the samba-technical mailing list