[Samba] samba Digest, Vol 172, Issue 2
Rowland Penny
rpenny at samba.org
Sun Apr 2 15:04:03 UTC 2017
On Sun, 2 Apr 2017 16:36:09 +0200
Karl Heinz Wichmann via samba <samba at lists.samba.org> wrote:
> Hello Rowland
>
>
>
> Can this be a Problem with my debian 8.7 bind service?
>
No, definitely not
Try making your named.conf.options look like this:
options {
directory "/var/cache/bind";
version "0.0.7";
notify no;
empty-zones-enable no;
allow-query { 127.0.0.1; 192.168.99.0/24; };
allow-recursion { 192.168.99.0/24; 127.0.0.1/32; };
forwarders { 8.8.8.8; };
allow-transfer { none; };
dnssec-validation no;
dnssec-enable no;
listen-on-v6 { none; };
listen-on port 53 { 192.168.99.8; 127.0.0.1; };
tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
};
There is one really big problem in your version (there are others as
well):
'forward only;' With this, you Bind server doesn't even try to search
AD for your domain computers, it forwards the search to what ever <IP
of my forwarder> is.
Rowland
More information about the samba
mailing list