[Samba] samba internal DNS Zone transfers and notify for slaves?

Julien Ropé jrope at linagora.com
Thu Feb 28 11:28:30 UTC 2019 

Hi,

I'm not sure what options are available to you. But regarding my post : 
yes, this is about authorizing zone transfers in samba's bind DLZ module.

The code shipping in Samba today allows every zone transfers. The 
contribution I've made is adding an option in smb.conf to make it 
possible to limit it to selected IP addresses.

See https://gitlab.com/samba-team/samba/merge_requests/169.

It is not merged (yet?), so today you can't use this configuration.


Now whether DLZ is the best option for you - I can't tell. I'm not using 
Samba, just hacking on it on behalf of my clients.


Best regards,

Julien


Le 26/02/2019 à 22:50, Jeff Sadowski via samba a écrit :
> I was wondering if I can implement slave DNS servers for a samba domain.
> I would like to setup a slave section on my bind server that gets its
> information from my samba-ad dns server?
>
> Or is my only option at the moment to use bind-dlz with bind on my samba-dc?
>
> This page:
> https://wiki.samba.org/index.php/DNS_Administration
>
> says zone transfers is unimplemented
> but one of the links on there
>
> https://bugzilla.samba.org/show_bug.cgi?id=9634
>
> I see
>
>> Julien ROPÉ 2018-11-27 10:04:49 UTC
>>
>> Hi,
>>
>> One of my clients asked for a fix on this issue. Seeing the comments on this thread, I implemented the suggested modification : add an option in smb.conf to control the list of authorized clients for a DNS zone transfer.
>>
>> The implementation has been submitted on github : https://github.com/samba-team/samba/pull/213
>>
>> This is my first contribution - any comment is appreciated
>>
>> Regards,
>> Julien
> Julien mentions authorized clients for DNS zone transfers?
>
> Looks like this is in DLZ.
> Wondering where to find examples to add authorized clients.
> Looks like the Fedora developers are against using DLZ but I see no
> alternative to have slave servers.
> I want slave servers so that I can implement multiple domains.
>
-- 
Julien ROPÉ

Mail : jrope at linagora.com
Tél : 06.38.99.80.22

--
Message envoyé grâce à OBM, la Communication Libre par Linagora

More information about the samba mailing list