[Samba] Samba Internal DNS vs. BIND_DLZ

Rowland Penny rowlandpenny241155 at gmail.com
Thu Aug 27 21:10:27 UTC 2015


On 27/08/15 22:00, Robert Moskowitz wrote:
> Ah, LDAP is included within Samba, I find.  Don't install provided one...
>
> I suppose I will have to find what schemas, particularly if the bind 
> dlz schema is included?

Er, you don't actually need to add any extra schemas; it is all built 
into samba4 when run as an AD DC. If you are struggling to understand 
this, just think of a Windows AD DC but running on Linux.
The next thing to understand is that if you want an AD DC and want to use an 
rpm-based OS (CentOS, ClearOS etc.) then you cannot use the distro 
packages; at the moment, there aren't any. What you can use are the 
packages supplied by Sernet: http://www.samba.plus/home/

This is not a bad thing really, as you get more up-to-date versions, 4.2.3 
at the moment.

Rowland
>
> On 08/27/2015 04:56 PM, Robert Moskowitz wrote:
>>
>>
>> On 08/27/2015 04:52 PM, Rowland Penny wrote:
>>> On 27/08/15 21:42, Robert Moskowitz wrote:
>>>>
>>>>
>>>> On 08/27/2015 04:37 PM, Rowland Penny wrote:
>>>>> On 27/08/15 21:23, Robert Moskowitz wrote:
>>>>>>
>>>>>>
>>>>>> On 08/27/2015 04:18 PM, Marc Muehlfeld wrote:
>>>>>>> Hello Jim,
>>>>>>>
>>>>>>> On 27.08.2015 at 21:49, Jim Seymour wrote:
>>>>>>>>      BIND would be the auth nameserver for example.com and 
>>>>>>>> delegate
>>>>>>>>      the samdom.example.com zone to the Samba DNS running on 
>>>>>>>> the second
>>>>>>>>      (virtual) interface
>>>>>>>>
>>>>>>>>      Samba is the auth nameserver for samdom.example.com
>>>>>>> If you're already having BIND running, you're just one step away 
>>>>>>> from
>>>>>>> including the AD DNS domain as additional domain via DLZ.
>>>>>>> https://wiki.samba.org/index.php/Configure_BIND_as_backend_for_Samba_AD#BIND_9.8_.2F_9.9 
>>>>>>>
>>>>>>>
>>>>>>> What's wrong with that?
>>>>>>
>>>>>> It says:
>>>>>>
>>>>>> include "/usr/local/samba/private/named.conf";
>>>>>>
>>>>>> This file does not exist on my sernet 4.2 installation.
>>>>>>
>>>>>> In fact, I do not have a /usr/local/samba directory.
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> It now also says (at the top):
>>>>>
>>>>> As this HowTo is based around a compiled install, the PATHs refer 
>>>>> to '/usr/local/samba' as a base. If you are using packages from 
>>>>> your OS or Sernet, this PATH will most likely not exist, you will 
>>>>> need to find the relevant files on your system, try starting with 
>>>>> '/var/lib/samba'.
>>>>
>>>> Oh this is soooo much fun!  Not..
>>>>
>>>>> I also use Sernet Samba 4.2.3 on one of my DCs and the required 
>>>>> named.conf is in /var/lib/samba/private/
>>>>
>>>> Empty dir.
>>>
>>> OK, how did you provision samba4 as a DC ?
>>> I believe that /var/lib/samba/private is empty until the domain is 
>>> provisioned, at which point it should look like this:
>>>
>>> dns          ldapi              randseed.tdb share.ldb
>>> dns.keytab      ldap_priv          sam.ldb          smbd.tmp
>>> dns_update_cache  named.conf          sam.ldb.d spn_update_list
>>> dns_update_list   named.conf.update      schannel_store.tdb tls
>>> hklm.ldb      named.txt          secrets.keytab
>>> idmap.ldb      netlogon_creds_cli.tdb  secrets.ldb
>>> krb5.conf      privilege.ldb          secrets.tdb
>>
>> I am still reading all the wiki info, making notes and looking for 
>> stuff.  No provisioning yet.  I suppose since this build is a 
>> throwaway one, I should do that.
>>
>> I still have to figure out what ldap rpms to install, along with dhcp!
>>
>> Quite a bit to go.  Perhaps I am getting too bogged down in DNS, as 
>> I THINK I should know that part up until dlz.
>>
>>>
>>> Rowland
>>>
>>>
>>>
>>>>
>>>>> , it is also in /usr/share/samba/setup/ but called named.conf.dlz
>>>>
>>>> Ah there it (and others) are!
>>>>
>>>> thanks
>>>>
>>>
>>>
>>
>>
>
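
The path confusion in this thread can be checked with a short script. This is an added example, not part of the original thread or of Samba: it looks for the provisioning-generated named.conf in the two private directories mentioned above and separates "not provisioned yet" from "no Samba private directory found". The function name, its exit codes and the optional ROOT prefix argument are assumptions made for the example.

```shell
#!/bin/sh
# Added example: locate the BIND include file Samba generates at provisioning.
# ROOT (first argument) is a hypothetical prefix so the function can be run
# against a constructed directory tree; leave it empty on a real system.
# Exit codes (chosen for this example): 0 found, 1 no private dir, 2 not provisioned.
find_samba_named_conf() {
    root="${1:-}"
    rc=1    # 1 = no Samba private directory found at all
    # Private directories named in the thread: compiled install, then packages.
    for priv in "$root/usr/local/samba/private" "$root/var/lib/samba/private"; do
        [ -d "$priv" ] || continue
        if [ -f "$priv/named.conf" ]; then
            # Print the line to add to BIND's named.conf, without the prefix.
            printf 'include "%s";\n' "${priv#"$root"}/named.conf"
            return 0
        fi
        # Directory exists but holds no named.conf: domain not provisioned yet.
        echo "not provisioned: no named.conf in ${priv#"$root"}" >&2
        rc=2
    done
    # The packaged template is present even before provisioning.
    tmpl="$root/usr/share/samba/setup/named.conf.dlz"
    [ -f "$tmpl" ] && echo "template only: ${tmpl#"$root"}" >&2
    return "$rc"
}
```

Calling `find_samba_named_conf` with no argument checks the live filesystem; the include line goes to stdout and the diagnostics to stderr.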
