[Samba] Internal DNS migrate to Bind9_DLZ

Rowland Penny rpenny at samba.org
Mon Jul 30 09:18:03 UTC 2018 

On Mon, 30 Jul 2018 10:57:11 +0200
Eben Victor <eben.victor at gmail.com> wrote:

> Hello Rowland,
> 
> See below as requested.
> 
> /etc/named.conf
> # Global Configuration Options
> 
> include "/var/lib/samba/bind-dns/named.conf";
> 
> options {
> 
>     dump-file   "/var/named/data/cache_dump.db";
>     statistics-file "/var/named/data/named_stats.txt";
>     memstatistics-file "/var/named/data/named_mem_stats.txt";
>     auth-nxdomain yes;
>     directory "/var/named";
>     notify no;
>     empty-zones-enable no;
>     tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
> 
>     # IP addresses and network ranges allowed to query the DNS server:
>     allow-query {
>     any;
>     };
> 
>     # IP addresses and network ranges allowed to run recursive
> queries: # (Zones not served by this DNS server)
>     allow-recursion {
>     any;
>     };
> 
>     # Forward queries that can not be answered from own zones
>     # to these DNS servers:
>     forwarders {
>          8.8.8.8;
>     };
> 
>     # Disable zone transfers
>     allow-transfer {
>         none;
>     };
>  };
> 
> # Root Servers
> # (Required for recursive DNS queries)
> zone "." {
>    type hint;
>    file "named.root";
> };
> 
> # localhost zone
> zone "localhost" {
>     type master;
>     file "master/localhost.zone";
> };
> 
> # 127.0.0. zone.
> zone "0.0.127.in-addr.arpa" {
>     type master;
>     file "master/0.0.127.zone";
> };
> 
> /var/lib/samba/bind-dns/named.conf
> # This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen
> support. #
> # This file should be included in your main BIND configuration file
> #
> # For example with
> # include "/var/lib/samba/bind-dns/named.conf";
> 
> #
> # This configures dynamically loadable zones (DLZ) from AD schema
> # Uncomment only single database line, depending on your BIND version
> #
> dlz "AD DNS Zone" {
>     # For BIND 9.8.x
>     # database "dlopen /usr/lib64/samba/bind9/dlz_bind9.so";
> 
>     # For BIND 9.9.x
>      database "dlopen /usr/lib64/samba/bind9/dlz_bind9_9.so";
> 
>     # For BIND 9.10.x
>     # database "dlopen /usr/lib64/samba/bind9/dlz_bind9_10.so";
> 
>     # For BIND 9.11.x
>     # database "dlopen /usr/lib64/samba/bind9/dlz_bind9_11.so";
> };
>

There doesn't seem to be anything wrong there, but I may know what the
problem is. 
You are trying to change to Bind9 from the internal dns server, but
have you read this:

https://wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC

Rowland

More information about the samba mailing list