[Samba] Samba4 DNS question

Marc Muehlfeld samba at marc-muehlfeld.de
Fri Dec 27 12:21:21 MST 2013

Hello Árpád,

Am 19.12.2013 14:40, schrieb Kunszt Árpád:
> I have a virtual server with 2 network interfaces. The first one
 > is in the server network, the second one is in the storage network
 > (the samba shares are on an NFS volume). If I start the
 > sernet-samba-ad service with both interfaces are up I got both IPs
 > in the A record.

Can you try binding Samba to your none-storage-network-NIC (plus localhost):

bind interfaces only = yes
interfaces = lo ethX

And make sure, that you removed all DNS entries pointing to the other 
NIC from all zones.

> Another question about DNS. Can I use my BIND server as a
 > secondary for the zones in the Samba server?

Currently, if you use BIND DLZ on your Samba DC, then you can do zone 
transfers (regardless, what is configured in AD). This is a bug 
(https://bugzilla.samba.org/show_bug.cgi?id=9634). If you use the 
internal DNS of Samba on your DC, then you can't 

As long as the DNS backend isn't fully fixed, you can maybe use the bug 
with BIND DLZ to do zone transfers. :-) How you can switch from internal 
to BIND DLZ, I've described in the Wiki.

But it would be better if you have an additional DC. This would bring 
you reliability - not just for DNS. And in your Bind server, you can add 
a forward zone:

zone "samdom.example.com" {
          type forward;
          forwarders {;; };

> [root at samba ~]# samba-tool dns zoneinfo user.test
> ...
>    aipSecondaries              : []
>    aipNotify                   : []
> ...
> Can I set the values above somehow? Do they allow the BIND to AXFR the zone?

The zone transfer/DNS stuff isn't currently fully implemented. See 
above. Depending on what kind of backend you use (internal/BIND), zone 
transfers are currently possible or not (regardless what is configured).


More information about the samba mailing list