[Samba] DNS issues (my ignorance?) beating me like a rented mule.

Jefferson Davis jdavis at standard.k12.ca.us
Fri Jun 20 15:54:49 MDT 2014


Sorry to ask... 

I've done all this, now, but from my main domain, say example.com, I cannot find hostmaster.ad.example.com.

Despite at least "thinking" I have configured my BIND server to forward all queries about ad.example.com to the samba4 box, I get an NXDOMAIN response.

Running dig +trace does not seem to even ask the samba4 box.

I have set up a forward zone in bind 

    zone "ad.example.com" IN {
        type forward;
        forwarders { 10.100.0.29; };
    };

and the start of my zone file as follows: 

    $ORIGIN .
    $TTL 86400 ; 1 day
    example.com IN SOA dns.example.com. jdavis.example.com. (
                    2014355317 ; serial
                    28800      ; refresh (8 hours)
                    7200       ; retry (2 hours)
                    864000     ; expire (1 week 3 days)
                    86400      ; minimum (1 day)
                    )
                NS  dns.example.com.
                A   10.100.0.15
                MX  10 lsrem.example.com.
                TXT "v=spf1 mx a a:mail.example.com"
    ad.example.com IN NS samba4dc.ad.example.com.
    samba4dc.ad.example.com IN A 10.100.0.29

Still no joy. Your answer makes sense, but I seem unable to properly execute or my bind9 config is jacked and I'm not seeing it :/ 

Thanks, 

-Jeff 

----- Original Message -----

From: "Rowland Penny" <rowlandpenny at googlemail.com> 
To: samba at lists.samba.org 
Sent: Friday, June 20, 2014 1:31:33 AM 
Subject: Re: [Samba] DNS issues (my ignorance?) beating me like a rented mule. 

On 20/06/14 01:37, Jefferson Davis wrote: 
> So, I managed to get an ad controller running, but cannot seem to get it to forward dns queries to my DNS server. 
> 
> It resolves its own SRV records just fine.
> 
> upstream bind is 9.2 
> 
> AD controller is the same DNS domain as the rest of my network (could this be the issue?) 
Yes 

> 
> using SAMBA_INTERNAL on the AD controller. 
> 
> It's like I can either resolve my AD controller's SRV records or the rest of my domain, but not both...
> 
> I've added the IP of the upstream DNS server to the forwarder statement in smb.conf, and added the ip of the AD controller to bind's forwarders {} block. 
> 
> No joy. 
> 
> I'm missing something in my understanding of DNS forwarding or something here. If you need to see more info please let me know. 
> 
> Thanks 
> 
OK, let's see if I can explain this:

a client asks about a hostname that is a domain member, the samba4 
server replies with the required info, it doesn't ask its forwarder. 

a client asks about a hostname outside the domain, the samba4 server
does not have the info and it is not in its domain, so it asks its 
forwarder and gets the info and passes it to the asking client. 

a client asks about a hostname that is not a domain member but has the 
same domain name, the samba4 server replies that it does not know this 
machine, it does not ask its forwarder. 

Moral of the story, if your domain name is 'example.com' set your samba4 
domain to be a sub-domain of this i.e. 'samba.example.com' 

Rowland 

-- 



Jefferson K Davis 
Technology and Information Systems Manager 
Standard School District 
1200 North Chester Ave 
Bakersfield, CA 93308 
661.392.2110 ext 120 (office) 
http://district.standard.k12.ca.us 
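
The three cases Rowland lists in the quoted reply, as a small model (an added example, not part of the original thread and not Samba's code). It compares an AD zone that shares the name example.com with one placed at ad.example.com; the function names and the www record are constructed for the illustration.

```python
# Simplified model of the behaviour described in the thread, not Samba's implementation.

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def in_zone(qname, zone):
    """True if qname is the zone apex or below it, matched on whole labels."""
    q, z = norm(qname).split("."), norm(zone).split(".")
    return len(q) >= len(z) and q[-len(z):] == z

def resolve(qname, ad_zone, ad_records, upstream):
    """Return (who_answered, answer) for a query sent to the AD DC."""
    q = norm(qname)
    if in_zone(q, ad_zone):
        if q in ad_records:
            return ("dc", ad_records[q])   # case 1: domain member, DC answers
        return ("dc", "NXDOMAIN")          # case 3: same domain name, unknown host,
                                           #         the forwarder is never asked
    # case 2: name is outside the AD zone, so the DC asks its forwarder
    return ("forwarder", upstream.get(q, "NXDOMAIN"))

# Constructed sample data. 10.100.0.15 and 10.100.0.29 appear in the thread;
# the www record is made up. UPSTREAM stands in for the existing BIND server.
UPSTREAM = {"example.com": "10.100.0.15", "www.example.com": "10.100.0.40"}
SHARED_NAME = {"samba4dc.example.com": "10.100.0.29"}      # AD zone = example.com
SUBDOMAIN = {"samba4dc.ad.example.com": "10.100.0.29"}     # AD zone = ad.example.com

def compare(qname):
    """Resolve one name under both namespace layouts."""
    return {
        "shared": resolve(qname, "example.com", SHARED_NAME, UPSTREAM),
        "subdomain": resolve(qname, "ad.example.com", SUBDOMAIN, UPSTREAM),
    }

if __name__ == "__main__":
    for name in ("www.example.com", "samba4dc.ad.example.com", "notad.example.com"):
        print(name, compare(name))
```

With the shared name, www.example.com exists on the upstream server but the DC still answers NXDOMAIN; with the sub-domain layout the same query reaches the forwarder.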
