[Samba] Samba 4 internal DNS - how to modify SOA record
Dmitry Khromov
icechrome at gmail.com
Tue Aug 6 15:58:44 MDT 2013
>> How could one modify a SOA record in rc3? For example, NS part (not NS record) of SOA record points to an absent Windows server. This effectively breaks DNS updates, since there is no such server and if corresponding A record is added, update requests from clients will come unsigned.
>> Editing it directly via LDAP breaks Samba (some sort of checksum/hash?) MMC snap-in says "Zone not loaded by DNS server", so it is not possible to use it either. samba-tool dns add|delete|update can't operate on SOA record.
>> Maybe someone could give a link to some document describing dnsRecord, so one could forge a valid record and just change dnsRecord in DC=@ using some LDAP tool?
>
> I have the very same problem, does anybody know a way?
> I am thinking of converting to BIND, modifying and then converting it
> back to Internal DNS implementation.
I doubt that will do the job. As I recall, I forged the dnsRecord
manually (record's structure description could be found on the MSDN) and
ldbmodify'ed the corresponding ldb on every DC (Samba should not be
run). Alternatively, you may just capture the conversation between Samba
and MMC snap-in - the value you need is being sent in clear text.
Regards,
- Dmitry
More information about the samba
mailing list