[Samba] Samba4 with external bind - best practices?
Rowland penny
rpenny at samba.org
Tue Jul 26 19:03:17 UTC 2016
On 26/07/16 19:42, Elias Pereira wrote:
> Thanks Mathias and Rowland for the answers.
>
> Rowland,
>
> You said: “Use the sub domain for your AD domain and forward anything
> outside the sub domain to your main DNS servers.”
>
> This forward I do on the settings of the bind in Samba4?
>
> Something like:
>
> acl goodclients {
> 192.168.1.0/24;
> localhost;
> localnets;
> };
>
> options {
> directory "/var/cache/bind";
>
> recursion yes;
> allow-query { goodclients; };
>
> forwarders {
> 192.168.1.15; # EXTERNAL DNS SERVER
> };
> forward only;
>
> dnssec-validation auto;
>
> auth-nxdomain no; # conform to RFC1035
> listen-on-v6 { any; };
> };
>
>
>
>
You have a line missing inside your 'options' block, it should have a
line like this:
tkey-gssapi-keytab "/path/to/dns.keytab";
But, apart from that it looks very similar to mine.
Rowland
More information about the samba
mailing list