[Samba] Setup a Samba AD DC as an additional DC

Rowland Penny rpenny at samba.org
Wed Nov 21 10:55:11 UTC 2018 

On Wed, 21 Nov 2018 10:22:21 +0000
"Barry D. Adkins via samba" <samba at lists.samba.org> wrote:

> I've installed these packages:
> 
> apt-get install samba winbind libnss-winbind libpam-winbind
> libpam-krb5 krb5-config
> 
> Installing on fresh Ubuntu 18.04 server
> 
> Nothing is configured yet as following the wikis you come to the DNS
> configuration before you get to configuring Samba stuff.
> 
> Wiki states: If you are planning to set up a Samba Active Directory
> (AD) domain controller (DC) using the BIND9_DLZ back end, you have to
> install and configure the BIND DNS server first.

That isn't entirely true, you need to install Bind9 before you
provision with BIND9_DLZ, but you can configure it after the provision
and before you start Samba. 
> 
> And :  By default, the first Domain Controller (DC) in a forest runs
> a DNS server for Active Directory (AD)-based zones. For failover
> reasons it is recommended to run multiple DCs acting as a DNS server
> in a network. If you consider providing a DNS service on the new
> DC: ?  For the BIND9_DLZ back end, see BIND9_DLZ DNS Back
> End<https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End>. Finish
> this task before you start the Samba DC service.

Yes, every Samba AD DC is a dns server, unless you provision with
'--dns-backend=NONE' and this isn't recommended. You do not have to use
Bind9, Samba has its own dns server.

> 
> I really didn't want to tackle this now but I will as eventually all
> the Windows Servers will go away.  I had hoped to migrate things one
> by one.

Just provision using the internal dns server (the default) and upgrade
to Bind9 later.

> 
> I have embarked on learning bind, bind9, etc. now noting all the
> numerous details I must follow on wikis to get that going.  I am
> wondering is the DNS on the Samba AD DC going to get all the DNS
> entries from the Windows AD DNS servers?  I suppose I'll also setup
> the Samba AD DC as the DHCP server as that doesn't seem so difficult.

It isn't, just follow the wiki page and shout if something goes wrong
(it shouldn't)

Rowland

More information about the samba mailing list