[Samba] dns/ad domain provisioning and naming

Jeff Henze jeff at henze.us
Wed Jan 21 18:02:17 MST 2015

I'm setting up a bind server as well as a samba domain on a machine
(timcserv03). I initially set the local domain up in bind as
thisismycompany.local (already owning the name thisismycompany.com),
however I started to see that there could be issues with using .local, so
wanted to go in a safer direction. It seems the best logical internal
domain name would be local.thisismycompany.com. Note that I'm using the
example of "thisismycompany" because, like the real domain, it too has a
whopping 15 characters in the name. I can't change the name - stuck with
it. But I'd like to save users from having to type more than necessary
while keeping it sensical. It appears that it might not be a good idea to
have the internal DNS domain be thisismycompany.com, but correct me if I'm
wrong there.

So after setting up the dns domain to be local.thisismycompany.com and
looking at the input needed for the samba-tool (samba-tool domain
provision), I had some concerns. I don't mind redoing things a few times,
but I don't want to get too far down the road before I realize my errors.

1) I would like my users to log in to workstations with
flast@thisismycompany.com and/or timc\flast. Given the above domain name,
does that restrict me to logins being flast@local.thisismycompany.com?
That's a lot of typing and not very intuitive. Is there a way to achieve
the simpler flast@thisismycompany.com with a DNS domain of
local.thisismycompany.com? Can I simply have a realm of "thisismycompany.com"
and a short domain name of "timc" on an internal domain of
"local.thisismycompany.com"? (e.g., just put "thisismycompany.com" for
"Realm" and "timc" for "domain" in "samba-tool domain provision")

2) I'm not yet trusting my configuration skills in Bind, so I'd like to use
samba_internal as the DNS backend for now. Is there any problem with doing
that for now, even though I have this same server set up as a bind DNS? I
still would answer the DNS question with the machine's own IP address
(point to itself).


