[Samba] [samba] AD, multiple DC, some DC without DNS at all

mathias dufresne infractory at gmail.com
Tue Mar 1 10:59:02 UTC 2016


Hi all,

How to configure Samba to remove DNS service from DC?

I thought there was an option for samba_dnsupgrade command to tell "remove
all DNS service from current DC" but I don't find it anymore.

This question is because we are about to deploy an AD with 20 or more DC
and there is no need they are all DNS servers. In fact having them all DNS
servers make design more complex and more risky. The point is to avoid
risks.

How I would proceed if samba_dnsupgrade is not able to remove DNS service
automatically:
- as for BIND9_DLZ backend, I will keep into smb.conf the "-dns" for
runninf services.
- stop Bind-DLZ service on non-DNS-DC
- modify /etc/resolv.conf on non-DNS-DC for they send DNS request to
remaining DNS servers.

This seems not too rough as a process but I'd like to have your opinion on
that subject, to verify that process and of course to get a better one if
possible : )

Best regards,

Mathias


More information about the samba mailing list