migration bind9 flat file to DLZ
Andreas Oster
aoster at novanetwork.de
Wed Feb 8 02:53:35 MST 2012
Hello Amitay,
just gave it a try but the script returns an error
saying that TXTRecord cannot be imported from
provision.sambadns.
kind regards
Andreas
Am 08.02.2012 09:16, schrieb Amitay Isaacs:
> Hi Andreas,
>
> On Mon, Feb 6, 2012 at 5:48 PM, Andreas Oster <aoster at novanetwork.de> wrote:
>> Hello Amitay
>> Am 06.02.2012 01:42, schrieb Amitay Isaacs:
>>
>> Hi Andreas,
>>
>> On Sun, Feb 5, 2012 at 1:20 AM, Andreas Oster <aoster at novanetwork.de> wrote:
>>
>> Hello Amitay,
>>
>> I had a look at your script and I am not sure if it does what I
>> need.
>> In our environment I did not provision samba but rather joined
>> samba4 to an existing Windows AD. Then I have moved FSMO
>> roles to samba4 and demoted the Windows server.
>> This means that all the DNS stuff generated by the provision
>> step is missing in my AD.
>>
>> When you join a domain, samba-tool uses provision code. Only as
>> part of that provision, DNS bits are not provisioned.
>>
>> Do you know how to add the missing AD entries like
>> dns-${hostname ?}, DnsAdmins ... ?
>>
>> I can add a check for dns accounts and adding them in upgradedns.
>>
>> I have started with my old bind9 setup without signed dns
>> updates but would like to change that.
>>
>> Does your script support conversion of multiple flat files ? I currently
>> have seperated the AD relevant DNS stuff into seperate zone files
>> (_msdsc , _sites, _tcp and _udp)
>>
>> Well the script currently parses a single file as would have created by
>> provision code with BIND9_FLATFILE as backend. You can merge
>> both the zones in a single file and put it in the correct place, and
>> upgradedns would be able to parse it. If you have not added any
>> custom records in the zones, then you can actually specify
>> --migrate=no, which will automatically create standard DNS
>> records (for DC operation).
>>
>> Your AD database would be quite similar to the one provisioned with
>> DNS backend of BIND9_FLATFILE. I suggest you try upgradedns
>> (after I've added the check for DNS accounts), and check if that
>> works for you.
>>
>> Thanks.
>>
>> Amitay.
>>
>> Combining the zone files is no problem, but what do you mean by "custom
>> records" ?
>> I have, for instance, a second samba DC which also has entries in the zone
>> files and
>> in the main zone file there are many static DNS entries. Do I have do remove
>> those
>> before migration ?
>>
>> I suspect the right place for the file would be /usr/local/samba/private/dns
>> ?
>>
>> When adding the DNS account check, could you also take care of creating the
>> dns.keytab
>> file ?
>>
>> Thank you for your great efforts and kind help
>>
>> best regards
>>
>> Andreas
> I have updated the upgradedns script to check for DNS accounts and create them
> if they are missing.
>
> Can you check if the script now works for you?
>
> Thanks.
>
> Amitay.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120208/f30ac0df/attachment.pgp>
More information about the samba-technical
mailing list