[Samba] will bad things happen if samba4 AD not binding 127.0.0.1?
tbskyd at gmail.com
Mon Nov 16 09:23:01 UTC 2015
2015-11-16 17:08 GMT+08:00 Andrew Bartlett <abartlet at samba.org>:
> On Sun, 2015-11-15 at 23:49 +0800, d tbsky wrote:
> > hi:
> > my company has two dns servers, but samba4 internal dns forward
> > can only
> > forward to 1 server.
> > to workarround it i run dnsmasq as dns cache at 127.0.0.1 and let
> > samba4
> > dns forward to 127.0.0.1.
> > my smb.conf looks like:
> > dns forwarder = 127.0.0.1
> > interfaces = 10.1.1.1
> > bind interfaces only = Yes
> > with the setting samba won't bind to 127.0.0.1, so dnsmasq can use
> > 127.0.0.1 to do the work.
> > my /etc/resolv.conf point to 10.1.1.1 (samba internal dns)
> > everything seems work fine. but I want to make sure if this kind of
> > setup
> > is safe?
> > if it is safe then I don't need to create another virtual interface
> > just
> > for dnsmasq.
> > thanks a lot for help!!
> It should be OK, and seems like the best workaround so far for the lack
> of multiple DNS forwarders.
> Samba shouldn't be making assumptions about what it is bound to beyond
> the 'interfaces' line with the 'bind interfaces only' setting.
> Andrew Bartlett
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Catalyst IT
thanks for the confirm. according to the man page, there maybe some
program hard-code to 127.0.0.1 or localhost (smbpasswd). I just hope there
is no such hard-code in AD DC code.
More information about the samba