Sites and DNS

Kai Blin kai at samba.org
Tue Mar 27 04:35:52 MDT 2012 

On 2012-03-27 12:17, Kev Latimer wrote:

Hi Kev,

> Makes sense.  I was aware it didn't support signed updates yet but I
> think I assumed that DNS records that exposed elements of the directory
> (ie. sites, dc, gc etc.) were handled through directly manipulating the
> directory (RPC?) with DNS just exposing the result.  I think I'd
> discounted signing as an issue in this case I was seeing the same result
> with BIND9_DLZ.

Ok, I have zero experience with the DLZ stuff, not sure what might be
the problem there.

> I've applied your workaround and samba_dnsupdate completes cleanly and
> sites are showing in DNS.  Renamed Default-First-Site-Name is showing,
> as well as Default-First-Site-Name itself, which was a surprise but I
> assume this will clear over time through whatever built-in scavenging is
> present.

You can't add or remove zones via dns updates, so this probably needs to
be done via the RPC pipe. This applies for both the internal server and
bind/dlz, maybe Amitay knows more here.

> I'd like to try using the internal DNS server as my first choice but
> while I've some experience with BIND and it's config, I can't seem to
> find any docs on how to do basic config for the internal server, such as
> record scavenging, forwarders etc.?  I've cheekily tried to perform
> changes in the properties box of the DNS MMC (!) without success so I
> assume this set via.smb.conf - can you clarify any settings that can be
> made or if this is documented somewhere and I've not been looking
> properly?  I'd be more than happy to compile any info I can find on the
> samba4 wiki if it's of any help?

Currently the answer is simple. Apart from "allow dns updates", there is
nothing you can configure with the internal server. As I would assume
that everything you can set via the MMC should apply to both the
internal server and bind/dlz, I think Amitay and me need to figure out
how we handle all those options. In the short term, I will be adding
configuration options in smb.conf. I've got a patch-set that allows for
some primitive forwarding, so that's probably one of the next features
to go in.

Cheers,
Kai

-- 
Kai Blin
Worldforge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120327/630c425c/attachment.pgp>

More information about the samba-technical mailing list