[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate

Andrew Bartlett abartlet at samba.org
Sat Mar 14 03:19:41 MDT 2015


On Sat, 2015-03-14 at 10:07 +0100, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
> 
> >>> Why did you not add NS records to the dns_update_list?  Are we unable to
> >>> add those with dynamic DNS updates for some reason?  (If so, I'll make a
> >>> special case to force these to samba-tool). 
> >>
> >> Yes, this is not allowed via dns updates against Windows.
> >>
> >> I'd propose the following syntax:
> >>
> >> RPC ${ZONE} ${TYPE} ${NAME} ${TARGET}
> >>
> >> SERVER = NS server of ZONE
> >> => samba-tool dns add ${SERVER} ${ZONE} ${NAME}. ${TYPE} ${TARGET}
> >>
> >> ${IF_RWDNS_DOMAIN}RPC ${DNSDOMAIN} NS ${DNSDOMAIN} ${HOSTNAME}
> >> => samba-tool dns add ${SERVER} ${DNSDOMAIN} ${DNSDOMAIN}. NS ${HOSTNAME}
> >> ${IF_RWDNS_FOREST}RPC _msdcs.${DNSFOREST} NS _msdcs.${DNSFOREST} ${HOSTNAME}
> >> => samba-tool dns add ${SERVER} _msdcs.${DNSFOREST} _msdcs.${DNSFOREST}. NS ${HOSTNAME}
> >> ${IF_RWDNS_FOREST}RPC ${DNSFOREST} NS _msdcs.${DNSFOREST} ${HOSTNAME}
> >> => samba-tool dns add ${SERVER} ${DNSFOREST} _msdcs.${DNSFOREST}. NS ${HOSTNAME}
> >>
> >> See
> >> https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=c57c578539e65ce4fa9c4bc2c61b08ad9900a40a
> > 
> > Why not just make NS records go via the RPC layer, leaving the rest of
> > the syntax as-is?
> 
> Also note that we require _msdcs.${DNSFOREST} to be updated twice.
> Once in the _msdcs.${DNSFOREST} zone and in the ${DNSFOREST} (see above).

OK, the glue records.

> This is not possible with the current syntax.
> 
> So it's basically just "RPC ${ZONE} " in front of what we have.
> 
> > How does the RPC prefix help, given I already have the transformation
> > between the different command-line syntaxes for the fallback case?
> 
> I think there are also other name types which require RPC to be used
> and currently the dns_update_list file is flexible enough to be extended
> by the admin. E.g. it's possible to add MX records, which would likely
> require rpc too.

What is special about MX records?

> I also thought about having two files to be used instead of one
> dns_update_list file. I think we need one file that is based on the
> current samba version and can be upgraded with a new version and a file
> that the admin can manage.

This much I agree on.

Andrew Bartlett

-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba
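
The `RPC ${ZONE} ${TYPE} ${NAME} ${TARGET}` mapping proposed in the quoted text above, written out as an added example (not code from this message, the linked commit, or samba_dnsupdate itself). It assumes the `${IF_...}` variables expand to either an empty string or a `# ` comment marker, and `server_for_zone` is a hypothetical lookup for the zone's NS server; because the thread notes the admin can extend dns_update_list, tokens are validated and the command is built as an argv list rather than a shell string.

```python
import re

# Constructed sample lines in the syntax proposed in the thread.
SAMPLE = """\
${IF_RWDNS_DOMAIN}RPC ${DNSDOMAIN} NS ${DNSDOMAIN} ${HOSTNAME}
${IF_RWDNS_FOREST}RPC _msdcs.${DNSFOREST} NS _msdcs.${DNSFOREST} ${HOSTNAME}
${IF_RWDNS_FOREST}RPC ${DNSFOREST} NS _msdcs.${DNSFOREST} ${HOSTNAME}
"""

VAR = re.compile(r"\$\{(\w+)\}")
# Reject option-like ("-x") and shell-special tokens coming from the file.
TOKEN = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]*$")


def expand(line, subs):
    """Substitute ${VAR}; an unknown variable is an error, not an empty string."""
    def repl(m):
        if m.group(1) not in subs:
            raise KeyError("undefined variable %s" % m.group(1))
        return subs[m.group(1)]
    return VAR.sub(repl, line)


def rpc_commands(text, subs, server_for_zone):
    """Yield one samba-tool argv list per active RPC line.

    server_for_zone is a hypothetical callable returning the NS server of a
    zone ("SERVER" in the thread); how it is resolved is an assumption here.
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = expand(raw, subs).strip()
        if not line or line.startswith("#"):
            continue  # assumed: a false ${IF_...} expands to a comment marker
        fields = line.split()
        if fields[0] != "RPC":
            continue  # other entries keep the existing dynamic-update path
        if len(fields) != 5:
            raise ValueError("line %d: expected RPC ZONE TYPE NAME TARGET" % lineno)
        zone, rtype, name, target = fields[1:]
        for tok in (zone, rtype, name, target):
            if not TOKEN.match(tok):
                raise ValueError("line %d: bad token %r" % (lineno, tok))
        # argv list, never a shell string: file contents cannot inject commands.
        yield ["samba-tool", "dns", "add", server_for_zone(zone),
               zone, name + ".", rtype, target]
```

With `IF_RWDNS_FOREST` enabled, the second and third sample lines yield the two `_msdcs.${DNSFOREST}` NS additions (one per zone) that the thread calls the glue records.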



