[Samba] DNS update via trusted machine account
Dale Schroeder
dale at BriannasSaladDressing.com
Tue Dec 29 11:35:59 MST 2009
I have had success with the method described at the end of the following
thread. It involves adding
three lines to dhclient.conf.
http://www.hardforum.com/showthread.php?p=1030669171
Note that only the Forward Lookup Zone is updated; PTR records are not.
However, this simple solution has been sufficient for me.
Dale
On 12/29/2009 10:33 AM, Robert LeBlanc wrote:
> Not sure if you need to export the key. If you run 'net ads dns register -P'
> it will use the machine account. You can put that in the script that runs
> when there is a network change. I'm not near a machine right now, but Debian
> has it in /etc/network/.
>
> Robert LeBlanc
>
> On Dec 29, 2009 7:48 AM, "Александр Р. Фахрутдинов"<alex_mgsm at mail.ru>
> wrote:
>
> As is known, Samba creates or updates AD DNS record only when it has joining
> to domain. When OS gets a new IP address via DHCP, there is no method for
> automatically DNS upgate with Samba.
> It's possible to update DNS with nsupdate-gss script, but it requests
> Kerberos
> TKEY, derived through kinit utility or pam_winbind module. In both cases, a
> domain admin password requests.
>
> However, Windows updates DNS using machine account. I think, if Samba
> exports
> a machine key somehow, it may be used for automatically DNS update via
> nsupdate-gss.
>
> Is someone knows how to export a machine key from Samba?
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list