[Samba] Configure DHCP to update DNS records with BIND9
Rowland penny
rpenny at samba.org
Tue Aug 13 17:26:36 UTC 2019
On 13/08/2019 17:53, jokie74 at webstatics.de wrote:
> Hello,
>
> I implemented the samba on a running Bind9 DHCP environment, so I already had a working BIND9 config with dynamic DNS updates. This is the reason why there are some lines on top.
I suggest you follow the wiki, it is known to work with your Samba
version, you can add extra lines after you get it working.
> I am using Ubuntu 18.04
>
> root at SAMBA:~# uname -r
> 4.15.0-55-generic
I actually meant your version of Samba, but never mind, unless you have
installed Samba from elsewhere, it will be 4.7.6
> --------------------------------------------
> root at SAMBA:~# apt show bind9
> Package: bind9
> Version: 1:9.11.3+dfsg-1ubuntu1.8
> --------------------------------------------
> root at SAMBA:~# apt show isc-dhcp-server
> Package: isc-dhcp-server
> Version: 4.3.5-3ubuntu7.1
> ----------------------------------------------------------------------
> root at SAMBA:~# cat /etc/bind/named.conf.options
> acl internals {
> localhost;
> localnets;
> };
Why set 'acl internals' ? you never use it.
> options {
> directory "/var/cache/bind";
> notify no;
> tkey-gssapi-keytab "/var/lib/samba/private/dns.keytab";
> empty-zones-enable no;
>
> forwarders {
> 8.8.4.4;
> 8.8.8.8;
> };
>
> allow-query {
> 127.0.0.1;
> 192.168.0.0/24;
> };
>
> allow-recursion {
> 127.0.0.1;
> 192.168.0.0/24;
> };
>
> allow-transfer {
> none;
> };
>
> dnssec-validation auto;
Change 'dns-validation auto;' to 'dns-validation no;'
Also add:
dnssec-enable no;
dnssec-lookaside no;
> auth-nxdomain no; # conform to RFC1035
Remove the above, The DC is Authoritative.
> listen-on-v6 { any; };
I would also add something like:
listen-on port 53 { 192.168.0.6; 127.0.0.1; };
> };
> --------------------------------------------------------------------------------------------
>
Do you have the following in /etc/bind/name.conf.local:
include "/var/lib/samba/private/named.conf";
Rowland
More information about the samba
mailing list