[Samba] Missing new NS record.
infractory at gmail.com
Thu Aug 18 14:59:51 UTC 2016
I never had a look on MS AD regarding that, to check if NS record is
created for each DC running DNS service or not.
Anyway Samba AD does not create them and that's not an issue as long as you
don't plan to make your AD DNS zones public (available on the Internet).
As far as I understood DNS, during DNS resolution, NS is used only when
client's resolver does not know how to resolve some request. In that case
the resolver will ask for NS to know to which other DNS server it has to
forward the request in order to forward received reply to the client.
Client does not care about NS, you can set up any DNS server (AD or not) as
resolver. These DNS server do not need to be declared as NS because clients
send their request to the resolver without asking for NS.
If the AD zones are meant to be public (most of cases I expect) there is no
need to have each AD DNS server declared as NS.
If you need or prefer have clients using your company's official DNS
servers rather AD DNS server you can set up forward zone on your company's
official DNS servers for they forward any AD related request o your AD DNS
servers (those declared as forwarders in the forward zone).
2016-08-18 2:35 GMT+02:00 Zane Zakraisek via samba <samba at lists.samba.org>:
> Hey everyone.
> I've had an AD domain running on a samba server for years now.
> I recently decided to add a second samba DC. (both 4.4.5)
> I ran through all the DNS checks mentioned here...
> All the entries were there!
> However, I noticed that the domain only has one NS record present.
> "host mydomain.com" returns both DCs
> "host -t NS mydomain.com" only returns the original DC.
> Is this a bug?
> and if so, can I simply add another NS record, or is this evidence of a
> much deeper problem?
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba