[Samba] Samba4 subdomain delegation
Roberto Suárez Soto
robe at allenta.com
Mon Aug 11 05:21:04 MDT 2014
Hi,
we're planning a Samba 3 to Samba 4 upgrade, and we're quite happy
with the tests we've done. Everything worked as expected, and I hope
that the migration will be done without major issues (famous last
words). But we're having some problems with subdomain delegation.
Our setup is formed by the Samba server and a DNS server running
Bind 9. The DNS server is used both to serve the internal DNS zone
(let's say "customer.com") and as recursive caching server. Currently,
the internal DNS zone is configured as "master zone", but our plan is to
change it to a "forward zone" (pointing to the Samba server) as soon as
the migration is done. There is also a DNS zone "dhcp.customer.com" used
for DHCP clients, updated automatically by the DHCP server (also running
in the DNS server). We would like to keep this zone in the DNS server,
mostly because it already works and because we'd like everyone querying
the DNS server for everything, leaving Samba 4 like a sort of "hidden
master".
I've added a NS record for "dhcp.customer.com" (pointing to the DNS
server) with samba-tool, but this seems not to be enough. Queries for
hosts in this subdomain return a NXDOMAIN result. The Samba server is
able to query the DNS server, which in fact is its DNS forwarder, so
communications shouldn't be a problem. I've also tried to use the RSAT
tools from Windows to add a zone delegation, and it seems to work up to
a point: a NS record is added, but it still doesn't work. Besides, a
"Validation error. Try again later." (my translation from spanish to
english) warning appears when I enter the name and address of the DNS
server.
So, my question is: what is the recommended way to add subdomain
delegation to Samba 4 DNS? Has it any caveats that we should be aware of?
Thanks in advance,
--
Roberto Suárez Soto
Allenta Consulting <http://www.allenta.com> (+34 881 922 600)
ISO 9001, ISO 14001, ISO 27001, EMAS <https://www.allenta.com/iso>
Privacidad / Privacy <https://www.allenta.com/mail-privacy>
More information about the samba
mailing list