[Samba] Restrict who can query my DNS

Leonardo Yanes Batista informatico at alficsa.co.cu
Thu Aug 22 17:30:09 UTC 2019

Hello everyone, could you help me find a solution to restrict who can check my DNS within my domain?

I have a domain controller with SAMBA4 and as DNS backend I use BIND9.

I would like to be able to define who are the IPs that I want to allow to consult my DNS. I tried the following but I failed to get it 
options { 
allow-query { 

In essence, this should allow the domain controller itself to be the only one that has permission to query itself, but when I try to query from a PC in my domain, the DNS keeps responding to my queries. How could I avoid this? 

More information about the samba mailing list