[Samba] DNS (bind_dlz) forwarding not working

[Elias Pereira]

Ok.

I understood your explanations, but I do not know where else I can get
information about it.

I thought that this functionality between an existing dns server and the
dns server that samba provided was not so complicated!

On Wed, May 17, 2017 at 4:35 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:

> On Wed, 17 May 2017 15:54:20 -0300
> Elias Pereira via samba <samba at lists.samba.org> wrote:
>
> > Rowland,
> >
> > Can I use AD bind as slave for some zones of our bind master server?
> >
>
> Not sure I 100% understand what you are trying to say ;-)
>
> I will try to explain how Samba, when running as an AD DC, supports DNS.
>
> If you have a registered dns domain (we will use 'example.com'), you
> should set the AD domain to a subdomain of this, for instance:
> ad.example.com. You should then ensure that any computers that will be
> joined to the AD domain use this subdomain.
>
> When an AD domain member needs to find another computer (whether this
> is another domain computer or not), it should ask one of the domain
> DCs. If the DC does not know who the computer is, it should ask its
> forwarder.
>
> If a domain client (client1) needs to connect to another domain client
> (client2), the DC should be able to return the data for
> client2.ad.example.com
>
> If a domain client needs to connect to Google, the DC will not know who
> this is and so, should ask its forwarder and then return this data
> to the domain client.
>
> So, to put it in a nutshell, an AD DC running a dns server must be
> authoritative for the AD dns domain, it cannot be a slave of another
> dns server, but the dns server can hold zones that are not part of
> the AD domain, you would just have to find a way of updating the
> non-domain zone records.
>
> Rowland
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>



-- 
Elias Pereira