[Samba] Internal DNS and recursion

John Gardeniers jgardeniers at objectmastery.com
Wed Aug 19 00:57:13 UTC 2015

On the Samba wiki at https://wiki.samba.org/index.php/Samba_Internal_DNS 
there is the following:

If you have chosen the internal DNS as backend for your environment, 
there are only two options that can be added to your smb.conf, to 
control the behaviour of DNS at this point:

# Don't allow any updates | allow unsigned updates | only allow signed updates
allow dns updates = False | nonsecure | signed

# If recursive queries = yes is set, the following is also needed
dns forwarder = <ip addr of external dns server>

I think the page needs some urgent editing because self contradictions 
merely create confusion. Specifically, there should be no reference to 
"recursive queries = yes" in the comment if that is not even a valid 
option. Alternatively, there could be a comment explaining that the "dns 
forwarder" automatically actives recursion.

While on the subject of internal DNS, why do most functions not work 
when using the RSAT DNS management tool? Is this situation likely to 
improve in the near future? We could of course use external Bind, which 
would allow us to use the existing scripts and commands that we're used 
to, but that breaks the use of AD tools.


More information about the samba mailing list