[Samba] Samba AD Best Practice (DNS)
Pat Suwalski
pat at suwalski.net
Thu Oct 12 15:00:35 UTC 2017
Hello,
This question is about best practice of introducing sambda-ad-dc to an
organization that already has networking, and being minimally disruptive
about it. I guess this question applies equally to adding a Windows AD
server, but most people with that setup would let it be the primary DNS,
etc.
For this example:
- Network: 172.18.0.0/24
- Domain: network.ca
- AD server: ad.network.ca, 172.18.0.20
- Gateway/DNS: 172.18.0.1
The gateway is running as the main DNS server, and has the various
underscore ("_") entries required for Windows to find the Active
Directory. It sends "172.18.0.1" as the DNS option over its DHCP server.
The samba AD server has its DNS forwarder set to "172.18.0.1".
Now, the question:
To be able to take full advantage of AD, should DHCP provide the Windows
clients with "172.18.0.20" as the DNS server? I know it dynamically adds
the computers that are on the Active Directory, and possible other
things that help make Windows services run smoothly. That said, the
samba forwarder only seems to forward zones it is not familiar with.
Since the samba server serves up "network.ca", when asked, it does not
resolve "gitlab.network.ca" that the main DNS server knows how to
resolve. This has forced me to just provide 172.18.0.1 as the DNS.
What is the best practice to solve this. Is there actually any benefit
to having the AD server serve up DNS?
I'm sure others have been wondering this, and it would probably be a
decent question to put in the DNS section of the Wiki, as I'm sure there
are many samba mixed-network environments.
Thanks,
--Pat
More information about the samba
mailing list