[Samba] Deprecation of NONE DNS backend
Rowland penny
rpenny at samba.org
Wed Aug 28 19:24:43 UTC 2019
On 28/08/2019 20:01, Andy Strohman wrote:
>
>
> On Wed, Aug 28, 2019 at 11:57 AM Rowland penny via samba
> <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote:
>
> On 28/08/2019 19:49, Andy Strohman via samba wrote:
> > Hi,
> >
> > I'm curious about this remark on the wiki[1] :
> > "do NOT use NONE as the DNS backend, it is not supported and will be
> > removed in a future Samba version."
> >
> > Why is this being removed?
> >
> > I would prefer to manually add the records that would be
> generated by
> > BIND9_FLATFILE to my domain's zone file. We have automation
> that controls
> > records in the domain's zone file that I would prefer to keep as
> is if
> > possible.
> >
> > Thanks,
> >
> > Andy
> >
> > [1]
> >
> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
> >
> The DC has to be the dns server, this means that you have to use the
> internal dns server or BIND_DLZ, nothing else.
>
> Thanks for the response Rowland. Could you please go into more
> detail on why this is?
>
On Active directory, the dns server is authoritative for the AD domain,
but the records are stored in AD, not in flat files, either on the DC or
on that dns server over there in the corner. This does raise another
fact, going back to the 'authoritative' bit, because the records are
stored in AD, every DC dns server is a master, this is called
multi-master. The records are stored in AD, so this means that the dns
server must be able to write to the AD records, so it must be on the DC,
so this means using the Samba internal dns server, or Bind9 with the
BIND_DLZ plugin.
Rowland
More information about the samba
mailing list