[Samba] More on bind_dlz - documentation I have not found

[Rowland Penny]

On 28/08/15 17:10, Robert Moskowitz wrote:
>
>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>
>> Well, you can forget HOME\root, this doesn't exist :-)

No, if you leave off -U it uses the name of the person logged in, puts 
the Domain name on the front of it and asks for that users password, the 
only problem is, the user must exist in AD or it will error out and root 
should never exist in AD.

>
> See above.  That is what I got prompted with when I left off the -U; I 
> suspect as I am logged in as root.
>
>
> worked:
>
> # samba-tool dns zonelist localhost -U AdministratorPassword for 
> [HOME\Administrator]:
>   2 zone(s) found
>
>   pszZoneName                 : home.htt
>   Flags                       : DNS_RPC_ZONE_DSINTEGRATED 
> DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>   Version                     : 50
>   dwDpFlags                   : DNS_DP_AUTOCREATED 
> DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
>   pszDpFqdn                   : DomainDnsZones.home.htt
>
>   pszZoneName                 : _msdcs.home.htt
>   Flags                       : DNS_RPC_ZONE_DSINTEGRATED 
> DNS_RPC_ZONE_UPDATE_SECURE
>   ZoneType                    : DNS_ZONE_TYPE_PRIMARY
>   Version                     : 50
>   dwDpFlags                   : DNS_DP_AUTOCREATED 
> DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
>   pszDpFqdn                   : ForestDnsZones.home.htt
>
> Is there a command to dump the zone?
>
>

Not that I am aware, but you can use ldbsearch to display all the dns 
objects, you just need to use the option '--cross-ncs', you can also use 
'--show-binary' to see the full records.

There is some info on the wiki about using ldbtools and they function 
very similarly to ldap-utils (ldapsearch etc) and there is loads of info 
on the net.

Rowland