[Samba] Internal DNS migrate to Bind9_DLZ

Eben Victor eben.victor at gmail.com
Mon Jul 30 08:57:11 UTC 2018


Hello Rowland,

See below as requested.

/etc/named.conf
# Global Configuration Options

include "/var/lib/samba/bind-dns/named.conf";

options {

    dump-file   "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    auth-nxdomain yes;
    directory "/var/named";
    notify no;
    empty-zones-enable no;
    tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";

    # IP addresses and network ranges allowed to query the DNS server:
    allow-query {
    any;
    };

    # IP addresses and network ranges allowed to run recursive queries:
    # (Zones not served by this DNS server)
    allow-recursion {
    any;
    };

    # Forward queries that can not be answered from own zones
    # to these DNS servers:
    forwarders {
         8.8.8.8;
    };

    # Disable zone transfers
    allow-transfer {
        none;
    };
 };

# Root Servers
# (Required for recursive DNS queries)
zone "." {
   type hint;
   file "named.root";
};

# localhost zone
zone "localhost" {
    type master;
    file "master/localhost.zone";
};

# 127.0.0. zone.
zone "0.0.127.in-addr.arpa" {
    type master;
    file "master/0.0.127.zone";
};

/var/lib/samba/bind-dns/named.conf
# This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen support.
#
# This file should be included in your main BIND configuration file
#
# For example with
# include "/var/lib/samba/bind-dns/named.conf";

#
# This configures dynamically loadable zones (DLZ) from AD schema
# Uncomment only single database line, depending on your BIND version
#
dlz "AD DNS Zone" {
    # For BIND 9.8.x
    # database "dlopen /usr/lib64/samba/bind9/dlz_bind9.so";

    # For BIND 9.9.x
     database "dlopen /usr/lib64/samba/bind9/dlz_bind9_9.so";

    # For BIND 9.10.x
    # database "dlopen /usr/lib64/samba/bind9/dlz_bind9_10.so";

    # For BIND 9.11.x
    # database "dlopen /usr/lib64/samba/bind9/dlz_bind9_11.so";
};

Regards

On Mon, Jul 30, 2018 at 10:52 AM Rowland Penny via samba <samba at lists.samba.org> wrote:

> On Mon, 30 Jul 2018 10:41:14 +0200
> Eben Victor via samba <samba at lists.samba.org> wrote:
>
> > Hello,
> >
> > I hope that someone can perhaps assist me or just guide me in the
> > right direction.
> >
> > I've been following all the steps for setting up and migrating my
> > Samba Internal DNS to Bind9_DLZ.
> > https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server
> > https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End
> >
> > But this doesn't seem to work for me, I can get bind started up 100%
> > when I remove include "/var/lib/samba/bind-dns/named.conf" from
> > named.conf, but as soon as I add this line back then everything fails
> > with below error.
> >
> > 30-Jul-2018 10:26:39.719 generating session key for dynamic DNS
> > 30-Jul-2018 10:26:39.719 sizing zone task pool based on 3 zones
> > 30-Jul-2018 10:26:39.722 Loading 'AD DNS Zone' using driver dlopen
> > 30-Jul-2018 10:26:40.026 samba_dlz: started for DN DC=domain,DC=corp
> > 30-Jul-2018 10:26:40.027 samba_dlz: starting configure
> > 30-Jul-2018 10:26:40.049 dns_rdata_fromtext: buffer-0x7facd1f60dc0:1: near eof: unexpected end of input
> > 30-Jul-2018 10:26:40.049 Failed to put rr
> > 30-Jul-2018 10:26:40.269 zone domain.corp/NONE: has 0 SOA records
> > 30-Jul-2018 10:26:40.269 zone domain.corp/NONE: has no NS records
> > 30-Jul-2018 10:26:40.270 samba_dlz: Failed to configure zone 'domain.corp'
> > 30-Jul-2018 10:26:40.270 loading configuration: bad zone
> > 30-Jul-2018 10:26:40.270 exiting (due to fatal error)
> > 30-Jul-2018 10:26:40.271 samba_dlz: shutting down
> >
> > domain.corp is just an alias, not the actual domain name.
> >
> > I even tried the migration by removing ALL reverse & forwarded zones
> > but still no luck.
> >
> > Env:
> > Version 4.8.3-SerNet-RedHat-11.el7
> > Red Hat Enterprise Linux Server release 7.5 (Maipo)
> > BIND 9.9.4-RedHat-9.9.4-61.el7 (Extended Support Version)
> >
> > Kind Regards
>
> Please post your /etc/named.conf
> and /var/lib/samba/bind-dns/named.conf files
>
> Rowland


-- 
Eben Victor
Cell:  +27 82 759 5266
Email: eben.victor at gmail.com
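
The comments in the quoted /var/lib/samba/bind-dns/named.conf say to uncomment a single database line, chosen by BIND version. The following is an added example, not part of the original message and not Samba's own code, that checks a DLZ stanza against the `named -v` string; the function names and the shortened sample stanza are assumptions made for illustration.

```python
import re

# BIND release -> module name, as listed in the comments of the quoted file.
MODULE_FOR_BIND = {(9, 8): "dlz_bind9.so", (9, 9): "dlz_bind9_9.so",
                   (9, 10): "dlz_bind9_10.so", (9, 11): "dlz_bind9_11.so"}
DATABASE_RE = re.compile(r'database\s+"dlopen\s+([^"\s]+)[^"]*"\s*;')

# Constructed sample: the dlz stanza from the message, shortened.
SAMPLE_CONF = '''
dlz "AD DNS Zone" {
    # For BIND 9.8.x
    # database "dlopen /usr/lib64/samba/bind9/dlz_bind9.so";
    # For BIND 9.9.x
     database "dlopen /usr/lib64/samba/bind9/dlz_bind9_9.so";
};
'''


def active_dlz_modules(conf_text):
    """Return module paths of uncommented 'database "dlopen ..."' lines.
    Strips /* */ blocks and #, // line comments; quoted strings that
    contain those characters are not handled."""
    text = re.sub(r"/\*.*?\*/", "", conf_text, flags=re.S)
    lines = (re.split(r"#|//", ln, maxsplit=1)[0] for ln in text.splitlines())
    return DATABASE_RE.findall("\n".join(lines))


def expected_module(named_version):
    """Map 'named -v' output to a module name, or None if not in the table."""
    m = re.search(r"BIND (\d+)\.(\d+)", named_version)
    return MODULE_FOR_BIND.get((int(m.group(1)), int(m.group(2)))) if m else None


def check_dlz(conf_text, named_version):
    """Return a list of problems; an empty list means the stanza is consistent."""
    problems = []
    active = active_dlz_modules(conf_text)
    wanted = expected_module(named_version)
    if len(active) != 1:
        problems.append(f"expected exactly one active database line, found {len(active)}")
    if wanted is None:
        problems.append(f"no module listed for version {named_version!r}")
    for path in active:
        if wanted and path.rsplit("/", 1)[-1] != wanted:
            problems.append(f"{path} does not match {wanted}")
    return problems


if __name__ == "__main__":
    print(check_dlz(SAMPLE_CONF, "BIND 9.9.4-RedHat-9.9.4-61.el7"))
```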

