[Samba] Samba Internal DNS vs. BIND_DLZ

Rowland Penny rowlandpenny241155 at gmail.com
Thu Aug 27 20:23:48 UTC 2015

On 27/08/15 20:49, Jim Seymour wrote:
> Hi All,
> Well, after going in something of the Wrong Direction, I figure on
> starting over.
> Now: Looking at the docs, ISTM that BIND_DLZ is kind of a PITA. So,
> being as I need the BIND (server also is the nameserver for the entire
> LAN), and the recommendation is to put the AD PDC in a sub-domain,
> anyway, I was thinking:
>      Run BIND as normal, but bind it to only eth0
>      Set up an eth0:0 (virtual interface), give it a different address,
>      run Samba bound to that interface
>      BIND would be the auth nameserver for example.com and delegate
>      the samdom.example.com zone to the Samba DNS running on the second
>      (virtual) interface
>      Samba is the auth nameserver for samdom.example.com
> Thoughts?
> Thanks,
> Jim

No, please no, setting up BIND DLZ is not a PITA as you put it. You 
really need to run a DNS server that is authoritative for your Samba 
domain, and anything else is forwarded to another DNS server that knows 
about everything else, i.e. if a client asks for info about another 
domain member, your Samba 4 server would supply this via BIND; if it 
asked for an internet site, your Samba 4 DNS server would ask the 
forwarder and would then give this info to the client. This is a very 
simplistic way of putting it, but I'm sure you get the drift.

If there is something you don't understand about anything on the wiki, 
please ask, I will try to help you out and if the wiki proves to be 
unclear, I will then update the relevant wiki page.

If you are not wedded to Ubuntu and are willing to use Debian instead, a 
user called Louis van Belle posts on here and he actually provides 
scripts to install a DC for you. You can find these scripts here:


Even if you don't want to use Debian and can read and understand a bash 
script, they may help you when/if you re-install.


