Default DNS server for Samba 4.0

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Sep 5 06:30:04 MDT 2012

On Wed, Sep 05, 2012 at 02:02:42PM +0200, Kai Blin wrote:
> if you watched the patch stream, you might have noticed that I pushed a
> set of patches this morning that get the internal DNS server to a point
> where it can correctly negotiate GSS-based TKEYs and then use those
> TKEYs to verify TSIG signatures, e.g. for updates. I have tested this
> with a Samba3 client and a Win7 client, and both can successfully update
> their DNS records using GSS-TSIG signed update requests. (I actually
> pushed a messy set and have reverted it, sorry about that. I'll have a
> clean version up later today.)
> With this code in place, I would suggest that we switch to the internal
> DNS as default for new Samba provisions. Seeing how much of our support
> burden is caused by the BIND setup, I'm hoping to make life easier for
> our users with this step. Defaulting to the internal DNS is something
> that we have discussed a couple of times in the past, and usually the
> only blocker people came up with was the lack of GSS-TSIG support. With
> the blocker gone, let's make the switch.



SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen, mailto:kontakt at

More information about the samba-technical mailing list