[Samba] Samba AD /dns /dhcp

Kristján Valur Jónsson kristjan at rvx.is
Fri Dec 1 14:57:36 UTC 2017


On 30 November 2017 at 17:00, Rowland Penny via samba <samba at lists.samba.org
> wrote:

>
> > Hi there, thanks for your reply.  Probably I should add that:
> > a) I'm running Centos7 on the RPi3.
>
> Where did you get that from ?
>
It's been around for a few months.
https://wiki.centos.org/SpecialInterestGroup/AltArch/Arm32/RaspberryPi3
It is completely stable, and it has the entire base rpm and selected stuff
from EPEL.
But there isn't an ARM epel repo yet and some packages are missing.
Since most of the linux infrasructure I manage is using CentOS it seemed
like a good idea.
I'm trying to set up a cheap and reliable infrastructure with redundancy.
the RPi3 should theoretically work well in this scenario.  Its main
bottleneck seems to be the SD card.
external discs could be used but again the RPi is USB2 only and shares the
usb bus with the network interface... I havent run the experiment to
compare the two.
Anyway, there are ways to speed these up.

>
>
> I have the feeling that your rpi's are getting their IP's via DHCP, if
> that is the case, give them a static IP, using DHCP on an AD DC is only
> going to end in tears.
>
> No, actually I did assign them static ips, and give them initial static
dns entries in the AD before starting the install.

> >
>
>
> All AD DCs that run a dns server are authoritative for the dns domain,
> this means that if you ask a DC for its SOA, it will claim it is
> itself. All DCs carry the AD records, this includes the dns records. A
> program called 'samba_dnsupdate' is run at Samba startup and then at
> frequent intervals, this uses a file 'dns_update_list' and checks and
> updates the records found in that file.
>
Thanks, this is useful info.  Like I said, the wiki is a bit hard to
navicate.  Would be cool to have an overview page with AD specific topics,
and something explaining the architecture and how these three things work
together.
Also, how to run dhcp on a machine separate from the DC...  Would to be set
up as an AD member?


> > Sure, this is what I'm using.  It's the default one for Centos7 rpm
> > bind, modified for AD:
>
> This is mine (actually the three debian ones in one file):
>
> Thanks.  Will run some experiments and report back.

Kristján


More information about the samba mailing list