[PATCH] Switch to internal dns server as default for provision
Rowland Penny
repenny at f2s.com
Sun Sep 9 06:04:24 MDT 2012
On 09/09/12 12:46, steve wrote:
> On 09/09/12 12:51, Rowland Penny wrote:
>> On 09/09/12 09:51, steve wrote:
>>> On 06/09/12 21:19, Ricky Nance wrote:
>>>> Steve, I would assume the following options would work for you, btw
>>>> the
>>>> following commands are really useful:
>>>>
>>>> root at ws-server:/usr/local/samba/var# samba-tool testparm -v | grep dns
>>>>
>>>> dns proxy = Yes
>>>> allow dns updates = False
>>>> dns forwarder =
>>>> dns recursive queries = No
>>>> dns update command = /usr/local/samba/sbin/samba_dnsupdate
>>>> multicast dns register = No
>>>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
>>>> drepl, winbind, ntp_signd, kcc, dnsupdate
>>>> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
>>>> netlogon, lsarpc, spoolss, drsuapi, dssetup, unixinfo, browser,
>>>> eventlog6, backupkey, dnsserver
>>>>
>>>> that being said, if you are using s3fs, you also need to look at
>>>> `testparm -v | grep mysearch`. Personally with things changing daily I
>>>> use those commands often.
>>>>
>>>> Good luck,
>>>> Ricky
>>>>
>>>>
>>>> On Thu, Sep 6, 2012 at 1:35 PM, steve <steve at steve-ss.com
>>>> <mailto:steve at steve-ss.com>> wrote:
>>>>
>>>> On 09/06/2012 08:22 PM, Ricky Nance wrote:
>>>>
>>>> Steve,
>>>>
>>>> This was straight from Kai on irc: 'Simply power down bind,
>>>> add
>>>> "server services = +dns" to your smb.conf'.
>>>>
>>>>
>>>> Thanks Ricky. I'm just about to give it a go. It would also
>>>> good to
>>>> have some doco on how to setup forwarders. Or just a bit of
>>>> anything
>>>> that end users could have a go at.
>>>> Cheers,
>>>> Steve
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>>
>>> No
>>> Nothing
>>> The dns updates fail:
>>>
>>> ../source4/dsdb/dns/dns_update.c:294: Failed DNS update -
>>> NT_STATUS_IO_TIMEOUT
>>> # Global parameters
>>> [global]
>>> workgroup = MARINA
>>> realm = hh3.site
>>> netbios name = HH1
>>> server role = active directory domain controller
>>> passdb backend = samba4
>>> idmap_ldb:use rfc2307 = Yes
>>> dns proxy = Yes
>>> allow dns updates = False
>>> dns forwarder = 192.168.1.1
>>> dns recursive queries = No
>>> dns update command = /usr/local/samba/sbin/samba_dnsupdate
>>> multicast dns register = No
>>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
>>> drepl, winb
>>> dcerpc endpoint servers = epmapper, wkssvc, rpcecho, samr,
>>> netlogon, l
>>>
>>> This is a great idea but could we simply have some plain Eglish
>>> documatation to tell us what to do please?
>>>
>>> It's back to bind for now.
>>> Thanks
>>> Steve
>>>
>>>
>>>
>> And can it be made to work with dhcp?
>>
>> Rowland
>>
>>
> Hi
> Nope. Totally and utterly dead. No DNS anywhere in sight. Probably
> because I don't have +dns on the the server services entry?
> No Idea.
> Really do wish we could have an answer to:
> 'I have bind dlz working. Could you give me a step by step blow of how
> to change to the the internal dns server?'
>
> I'm not going to get that answer just at the moment.
>
> Kai: Be nice. Gizza 4 liner crash course from bind to internal. IOW, I
> am up and running with bind. What do I do to change to the Internal DNS.?
>
> None of the suggestions so far have worked although I really do thank
> all of you for having spent the time to share them.
>
> Cheers,
> Steve
>
>
>
Hi Steve,
This is what I had in smb.conf:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc,
drepl, winbind, ntp_signd, kcc, dnsupdate, dns
idmap_ldb:use rfc2307 = yes
template shell = /bin/bash
interfaces = 127.0.0.1 192.168.0.0/24
allow dns updates = True
# Query remote name servers on behalf of the clients
dns recursive queries = yes
# If recursive queries = yes is set, the following is also needed
dns forwarder = 208.67.222.222
I provisioned with:
provision --realm=home.lan --domain=HOME --adminpass=MYPASS
--dns-backend=SAMBA_INTERNAL --use-rfc2307 --server-role=dc
The internal dns server worked, but I could not get dhcp to update it,
even though the setup I used worked with Bind9.
Rowland
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the samba-technical
mailing list