[Samba] How to switch from internal DNS to Bind

Rowland penny rpenny at samba.org
Wed Dec 30 21:14:14 UTC 2015 

On 30/12/15 20:42, James wrote:
> On 12/30/2015 3:29 PM, Rowland penny wrote:
>> On 30/12/15 19:48, James wrote:
>>> Hello,
>>>
>>>     I'm attempting to switch from the internal DNS to Bind. This is 
>>> for my Samba test environment on a VM running Samba 4.3.1 on Ubuntu 
>>> server 12.04.1. Installed Samba using all the defaults.
>>>
>>> ./configure
>>> make
>>> make install
>>>
>>> Pulled up the wiki link
>>>
>>> https://wiki.samba.org/index.php/Changing_the_DNS_backend#Changing_from_Samba_Internal_DNS_to_BIND_DLZ 
>>>
>>>
>>> Not sure if this is the correct start page. After the introduction I 
>>> see the link "Setup Bind". I figure I need to start there? So I 
>>> click the link and in the introduction I see another link for 
>>> "Setup_a_basic_BIND_installation". Maybe this is where I should 
>>> begin? I install BIND via. the repository.
>>>
>>> apt-get install bind9
>>>
>>> The wiki then says "*make sure that it was compiled with the 
>>> '--with-gssapi' and '--with-dlopen' options*". I check by using
>>>
>>> named -V | grep "gssapi"
>>>
>>> '--with-gssapi=/usr'
>>>
>>> Is this sufficient or do I need the absolute path to 
>>> --with-gssapi=/usr/include/gssapi?
>>>
>>> named -V | grep "dlopen"
>>>
>>> Returns nothing.  Can I add these options after the fact or do I 
>>> need to uninstall and compile on my own before proceeding any 
>>> further? Thanks.
>>>
>>>
>>>
>>>
>>
>> What version of bind9 ?
>> later versions have dlopen builtin, but I seem to remember (from when 
>> I used 12.04) having to build bind9. Could you upgrade to 14.04, this 
>> will definitely give you a working bind9
>>
>> Rowland
>>
>>
> It's 9.8.1.
>
> I decided to compile myself seeing as this is just a test environment. 
> I'll make note of possibly needing a newer distro in order to avoid 
> building in the future. Thanks.
>

You need a later version, this is what I used to do:

apt-get -y remove bind9 &> /dev/null # <-- this was only installed to 
get all the required configuration files!
wget ftp://ftp.isc.org/isc/bind9/9.9.2-P2/bind-9.9.2-P2.tar.gz
tar zxf bind-9.9.2-P2.tar.gz
cd bind-9.9.2-P2
./configure --prefix=/usr --mandir=/usr/share/man 
--infodir=/usr/share/info --sysconfdir=/etc/bind --localstatedir=/var 
--enable-threads --enable-largefile --with-libtool --enable-shared 
--enable-static --with-openssl=/usr --with-gssapi=/usr  
--with-dlopen=yes --with-gnu-ld --enable-ipv6 
CFLAGS='-fno-strict-aliasing -DDIG_SIGCHASE -O2' 
LDFLAGS='-Wl,-Bsymbolic-functions -Wl,-z,relro' 
CPPFLAGS='-D_FORTIFY_SOURCE=2'
make
make install

NOTE: this was some time ago, there are newer versions available, if you 
do go with a newer version and it throws an error about dlopen, just 
remove '--with-dlopen=yes'

Rowland

More information about the samba mailing list