Default DNS server for Samba 4.0
Matthieu Patou
mat at samba.org
Thu Sep 6 12:21:30 MDT 2012
On 09/05/2012 05:02 AM, Kai Blin wrote:
> Hi folks,
>
> if you watched the patch stream, you might have noticed that I pushed a
> set of patches this morning that get the internal DNS server to a point
> where it can correctly negotiate GSS-based TKEYs and then use those
> TKEYs to verify TSIG signatures, e.g. for updates. I have tested this
> with a Samba3 client and a Win7 client, and both can successfully update
> their DNS records using GSS-TSIG signed update requests. (I actually
> pushed a messy set and have reverted it, sorry about that. I'll have a
> clean version up later today.)
>
> With this code in place, I would suggest that we switch to the internal
> DNS as default for new Samba provisions. Seeing how much of our support
> burden is caused by the BIND setup, I'm hoping to make life easier for
> our users with this step. Defaulting to the internal DNS is something
> that we have discussed a couple of times in the past, and usually the
> only blocker people came up with was the lack of GSS-TSIG support. With
> the blocker gone, let's make the switch.
>
Great job kai, I'll give it a shot tonight I hope and make your internal
DNS server my primary DNS server at home.
As far as I'm concerned with recursive DNS working non blocking and
GSS-based TKEY I'm in the favor of the internal DNS server as default one.
The only question is who will be the maintainer of this code ?
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
More information about the samba-technical
mailing list