[Samba] (D)DNS Updates with GNU/Linux clients in a samba 4 AD environment (BIND_DLZ)

Andreas Oster aoster at novanetwork.de
Tue Apr 9 02:49:03 MDT 2013

Am 09.04.2013 10:09, schrieb Olivier BILHAUT:
> Hi !
> I bounce on the Mr Sloop's post ([Samba] DDNS / DHCPd && Internal DNS or
> BIND_DLZ) to ask what's the easiest way to allow Linux clients to update
> themself their DNS record in the Samba4 AD server (with BIND_DLZ Dns
> server).
> It works well with windows clients, but with Linux clients joined to the
> domain, with a valid Kerberos ticket, the client receive a error
> "ERROR_DNS_INVALID_MESSAGE" and the famous "DNS update failed!" message.
> Is there a hack ? Thanks in advance.
> -- 
> Olivier
> Le 08/04/2013 20:00, samba-request at lists.samba.org a écrit :
>> Summary: If your clients are Windows clients, just leave things as
>> is... they will handle updating DNS records in EITHER the internal DNS or
>> BIND_DLZ server without any special hacks or scripts to handle it.
>> If you have a large mix of clients and need the non-windows clients to
>> update DNS via DHCPD, then using the script found in the following
>> link might be useful.
>> http://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/

Hi Oliver,

I am using the modified by Charles Tryon which you find here:


To prevent those DNS update failures I have split my IP range into
several smaller pieces and made sure that Windows machines, which do
their own DNS updates, get IPs from a different IP range than other
machines (Linux, Android, IP-Phones ...). I also changed the script a
little to prevent ddns updates by the DHCP daemon for the Windows PCs.
In our case this is not a problem as our Windows PCs have distinct names
and I could easily create classes in dhcpd.conf using those names.

best regards


More information about the samba mailing list