[Samba] Samba 4 Bind DNS on CentOS 7

John Gardeniers jgardeniers at objectmastery.com
Fri Aug 21 04:30:05 UTC 2015


Hi Mike,

I wonder if I'm missing the file because I only did a classicupgrade, 
rather than a provision and perhaps then the file(s) is/are not created.

regards,
John


On 21/08/15 13:45, Brady, Mike wrote:
> On 2015-08-21 14:11, Brady, Mike wrote:
>> On 2015-08-21 12:52, John Gardeniers wrote:
>>> Hi Brady,
>>>
>>> I realise that but the only named.conf to be found on the system is my
>>> newly created /etc/named.conf. Either something screwed up when
>>> installing the Sernet RPMs, which is really pretty unlikely given that
>>> everything else is working, or the file was not included in the
>>> package.
>>>
>>> regards,
>>> John
>>>
>>>
>>> On 21/08/15 10:16, Brady, Mike wrote:
>>>> On 2015-08-21 11:18, John Gardeniers wrote:
>>>>> Can anyone point me to instructions for setting up Bind to work with
>>>>> Samba 4 on CentOS 7? I know there are some instructions at
>>>>> https://wiki.samba.org/index.php/DNS_Backend_BIND but they're
>>>>> incomplete when using the Sernet repo. In particular, it refers to
>>>>> 'include "/usr/local/samba/private/named.conf";' but that file doesn't
>>>>> exist at any location on my system.
>>>>>
>>>>> Is this a generic file that I can copy from some other
>>>>> place/system/person, or is it a dynamically generated, system
>>>>> specific, file created during the install? I thought I might be able
>>>>> to set up an Ubuntu server and grab it from there but, like CentOS,
>>>>> samba-ad doesn't exist in the standard repos, which puts me back at
>>>>> Sernet, with nothing gained. Is there a distro which actually has
>>>>> samba-ad in the standard repos?
>>>>>
>>>>> regards,
>>>>> John
>>>> Sernet packages on Centos 7 use /var/lib/samba/private for those files.
>>>>
>>
>> John
>>
>> I have multiple Sernet 4.2/Centos 7 DC installed using Bind and they
>> all have a /var/lib/samba/private/named.conf.  I do not know if the
>> named.conf is installed by the package or is generated.  The file
>> isn't owned by any package, so I assume that it is generated by either
>> the provision or when configuring the DC to use Bind.
>>
>> That particular file is not unique to each install.  For CentOS 7 it contains
>>
>>>>>>>>>>>>>>>>> Cut <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>> # This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen support.
>> #
>> # This file should be included in your main BIND configuration file
>> #
>> # For example with
>> # include "/var/lib/samba/private/named.conf";
>>
>> #
>> # This configures dynamically loadable zones (DLZ) from AD schema
>> # Uncomment only single database line, depending on your BIND version
>> #
>> dlz "AD DNS Zone" {
>>     # For BIND 9.8.x
>>     # database "dlopen /usr/lib64/samba/bind9/dlz_bind9.so";
>>
>>     # For BIND 9.9.x
>>      database "dlopen /usr/lib64/samba/bind9/dlz_bind9_9.so";
>>
>>     # For BIND 9.10.x
>>     # database "dlopen /usr/lib64/samba/bind9/dlz_bind9_10.so";
>> };
>>>>>>>>>>>>>>>>> Cut <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>>
>> but if you do not have the file, then there is something wrong with
>> your install and/or provision and you may well be missing other
>> files.
>>
>> My /var/lib/samba/private contains
>>
>> [root@dc03 private]# ll
>> total 14536
>> drwxrwx--- 3 root  named    4096 Aug  3 11:48 dns
>> -rw------- 1 named named     862 Jun 18 13:19 dns.keytab
>> -rw------- 1 root  root     2073 Jun  3 12:26 dns_update_cache
>> -rw-r--r-- 1 root  root     3183 Jun  3 12:17 dns_update_list
>> -rw------- 1 root  root  1286144 Jun  3 12:17 hklm.ldb
>> -rw------- 1 root  root  3366912 Aug  3 12:33 idmap.ldb
>> -rw------- 1 root  root  1609728 Jun 17 11:15 idmap.ldb.old
>> -rw-r--r-- 1 root  root      101 Jun  3 12:17 krb5.conf
>> srwxrwxrwx 1 root  root        0 Aug 18 16:01 ldapi
>> drwxr-x--- 2 root  root     4096 Aug 18 16:01 ldap_priv
>> -rw-r--r-- 1 root  root      633 Jun 18 13:19 named.conf
>> -r--r--r-- 1 root  root      310 Jul  2 11:00 named.conf.update
>> -rw-r--r-- 1 root  root     2090 Jun 18 13:19 named.txt
>> -rw------- 1 root  root      696 Aug 18 16:01 netlogon_creds_cli.tdb
>> -rw------- 1 root  root  1286144 Jun  3 12:17 privilege.ldb
>> -rw------- 1 root  root      696 Jun  3 12:26 randseed.tdb
>> -rw------- 1 root  root  4247552 Jun  3 12:17 sam.ldb
>> drwxr-x--- 2 root  named    4096 Aug  3 11:48 sam.ldb.d
>> -rw------- 1 root  root    24576 Aug 21 13:39 schannel_store.tdb
>> -rw------- 1 root  root     1237 Jun  3 12:17 secrets.keytab
>> -rw------- 1 root  root  1286144 Jun 18 13:19 secrets.ldb
>> -rw------- 1 root  root   425984 Jun  3 12:26 secrets.tdb
>> -rw------- 1 root  root  1286144 Jun  3 11:41 share.ldb
>> drwxr-xr-x 3 root  root     4096 Jun  3 12:26 smbd.tmp
>> -rw-r--r-- 1 root  root      955 Jun  3 12:17 spn_update_list
>> drwx------ 2 root  root     4096 Jun  3 12:26 tls
>>
>>
>> I will be installing (but not provisioning) a couple of new DCs in a
>> couple of hours from now.  I will have a look and see if the file is
>> deployed as part of the install.
>>
>> Regards
>>
>> Mike
>
> Immediately after installation /var/lib/samba/private is empty. So 
> everything in it is "generated", I assume by the provision.
>
>
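
Added example (not part of the original thread, and not Samba or SerNet code): a shell check for the rule stated in the quoted named.conf, that exactly one `database` line is active and that it matches the BIND version. The function names are hypothetical, and the sample file and version string are constructed from the fragment quoted above.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not Samba tooling.

# Write a constructed copy of the DLZ fragment quoted in the thread to "$1".
make_sample_conf() {
    cat > "$1" <<'EOF'
dlz "AD DNS Zone" {
    # For BIND 9.8.x
    # database "dlopen /usr/lib64/samba/bind9/dlz_bind9.so";
    # For BIND 9.9.x
     database "dlopen /usr/lib64/samba/bind9/dlz_bind9_9.so";
    # For BIND 9.10.x
    # database "dlopen /usr/lib64/samba/bind9/dlz_bind9_10.so";
};
EOF
}

# Print the module path of every uncommented 'database "dlopen ..."' line.
active_dlz_modules() {
    sed -n 's/^[[:space:]]*database[[:space:]]*"dlopen[[:space:]]\{1,\}\([^"]*\)".*/\1/p' "$1"
}

# Map a BIND version to the module name the quoted file lists for it.
expected_module() {
    case "$1" in
        9.8.*)  echo dlz_bind9.so ;;
        9.9.*)  echo dlz_bind9_9.so ;;
        9.10.*) echo dlz_bind9_10.so ;;
        *)      return 1 ;;
    esac
}

# check_dlz_conf FILE BIND_VERSION: print a verdict, return 0 only when consistent.
check_dlz_conf() {
    conf=$1; ver=$2
    [ -r "$conf" ] || { echo "missing or unreadable: $conf"; return 2; }
    mods=$(active_dlz_modules "$conf")
    count=$(printf '%s\n' "$mods" | awk 'NF { n++ } END { print n + 0 }')
    [ "$count" -eq 1 ] || { echo "want 1 active database line, found $count"; return 3; }
    want=$(expected_module "$ver") || { echo "no module listed for BIND $ver"; return 4; }
    got=$(basename "$mods")
    [ "$got" = "$want" ] || { echo "$got does not match BIND $ver (want $want)"; return 5; }
    echo "ok: $mods"
}

# Demo on the constructed sample with a constructed version string.
tmp=$(mktemp) && make_sample_conf "$tmp"
check_dlz_conf "$tmp" 9.9.4
rm -f "$tmp"
```

On a real DC, pass the path of the generated include file and the version reported by `named -v`.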



