[Samba] Bind flat file support
Andrew Bartlett
abartlet at samba.org
Wed Sep 9 09:26:32 UTC 2015
On Tue, 2015-09-08 at 08:02 +1000, John Gardeniers wrote:
> Is there any chance that support for Bind flat files will return?
Not really. I expect it to be less supported as time goes on.
> I
> understand the various (extremely weak) arguments against it but DLZ
> not
> only sucks big time, it limits proper functionality and
> inter-operability, necessitating significant design changes for
> anything
> but the simplest of networks. Additionally, it doesn't work with the
> existing scripts many people use. I know that samba-tool can be used
> in
> scripts but due to its inadequate error checking it's incredibly easy
> to
> break the DNS.
I'm sorry to hear that. Patches to improve it are most welcome - what
error checking is inadequate?
> There are very good reasons why nearly every admin I know prefers
> flat
> file. Ultimately, there is nothing easier than editing in text mode
> and
> on the extremely rare occasion that an error does creep in it's ultra
> easy to remedy.
The flat file backend cannot enforce AD ACLs on the modification of
DNS, which in turn makes multi-DC deployment a hack, at best.
It also cannot replicate the DNS information in the directory, where
the DNS RPC server modifies it, and where Windows AD servers, which we
strive to interoperate with, store their data.
That is why we developed the DLZ plugin, and then the internal DNS
server.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list