Problems setting up (fresh) Samba 4 installation

Rowland Penny repenny at f2s.com
Thu Jan 3 13:13:58 MST 2013


On 03/01/13 19:54, Mark Pilant wrote:
> Hi Rowland.
>
>> In smb.conf, you need to have the line 'dns forwarder = <a good external
> dns server ip address>'
>> For instance 'dns forwarder = 208.67.222.222', this is the nameserver
> that all unknown requests are sent to.
>> It is the internal dns server that forwards requests,
> not /etc/resolv.conf.
>
> I can understand about the forwarder for Samba, but only if it was handling
> *all* the DNS requests.  Does that mean named on the host system is really
> nothing more than a jacket forwarding everything to the Samba code?
Yes samba will handle all the DNS requests, if you want to use Bind9 
(named), you must provision samba 4.0.0 to use it:
--dns-backend=BIND9_DLZ
and set Bind9 up as required by samba 4.0.0, if you want to use Bind9, 
it will probably be better to compile it from source as the version that 
comes with Centos 6.3 is only 9.8.2rc1


>> You should only have one nameserver in /etc/resolv.conf and should point
> to samba 4 server i.e. 'nameserver 127.0.0.1'
>
> The reason for two entries is the system is operating in split-brain DNS
> mode.  The primary DNS address being used for systems part of the "domain"
> and the secondary DNS address used for everything else.

Just set /etc/resolv.conf to use only one nameserver and use 127.0.0.1

>> All the zone files are created by the internal dns server and you cannot
> easily alter them, nor do you need to.
>
> OK.  This then begs the question: is the internal DNS server "replacing"
> the DNS server which would ordinarily be used for non-Samba traffic?  E.g.,
> web pages from a browser.

YES

>> Good , don't  install one, you will use the one built into Samba 4.0.0
> Does this mean the one built into Samba will also be used for general
> Kerberos requests within the "domain"?

Yes

>
> I guess I'm just really confused about where the boundaries are (host
> system and Samba) for things like DNS, Kerberos, etc.
>
> - Mark, the puzzled :-) :-)
>

I hope this helps, but if not I could probably send you a howto, to help 
you set up your basic server

Rowland


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



More information about the samba-technical mailing list