[Samba] Samba AD DC, DHCP & Address Assignments
Mark Foley
mfoley at ohprs.org
Tue Sep 8 16:15:15 UTC 2015
I provisioned with --dns-backend=BIND9_FLATFILE and have had no problems with
DNS at all. When I see all the postings with questions on DLZ and SAMBA
INTERNAL, I think I made the right choice.
Like you (Robert) I have workstations, printers, postage meters, etc. assigned
with static IPs for similar reasons as you. Also, for security, I have a
process that monitors the DHCP log to see if anything is doing unauthorized
connections to the LAN. I also port-forward specific port numbers to the Remote
Desktop Access port on specific workstations, so they need to have static IPs.
I have a combination of IPs statically assigned via /etc/dhcpd.conf and also
using the domain zone file (for client devices that cannot do DHCP).
All DNS settings were set up very simply using BIND9 and ran the first time.
I've had no problems with the AD/DC using the native bind. I've also configured
it to permit Windows workstations to update the zone files via Samba, which they
want to do. And, named/dhcpd continue to work properly if for some reason Samba
is down.
If interested, I've posted my configuration in a message to this list dated 26
Aug 2015 17:56, subject "sernet documentation". I can re-post if you'd like.
--Mark
-----Original Message-----
> Date: Tue, 8 Sep 2015 11:22:24 -0400
> From: Jim Seymour <jseymour at LinxNet.com>
> To: samba at lists.samba.org
> Subject: Re: [Samba] Samba AD DC, DHCP & Address Assignments
>
> On Tue, 8 Sep 2015 10:32:33 -0400
> Robert Moskowitz <rgm at htt-consult.com> wrote:
> >
> [snip]
> >
> > Oops. I missed that you had missed this! When you said flat zone
> > file, I took you literally to mean text-style dns zone files.
>
> I'll be using traditional (flat) zone files for everything else, but
> I'm going to let the Samba AD DC work the way it wants to. That means
> dynamic zone files for that sub-domain.
>
> > Not
> > use samba-tool to maintain the ldap entries used for dlz.
>
> I'm not certain what that meant?
>
> Regards,
> Jim
> --
> Note: My mail server employs *very* aggressive anti-spam
> filtering. If you reply to this email and your email is
> rejected, please accept my apologies and let me know via my
> web form at <http://jimsun.LinxNet.com/contact/scform.php>.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list