[Samba] Problems with Internal DNS Samba 4

Marcio Demetrio Bacci marciobacci at gmail.com
Sun Sep 1 22:53:55 UTC 2019


Hi,

># Check and correct rights if required
># Check that the permissions on /var/lib/samba/bind-dns are 'drwxrwx---'
># If not:
>chmod 770 /var/lib/samba/bind-dns
The "bind-dns" directory doesn't exist in my DC.

># Check that the 'bind' is the group for /var/lib/samba/bind-dns/dns.keytab
># If not:
>chown root:bind /usr/local/samba/private/dns.keytab
>chmod 640 /usr/local/samba/private/dns.keytab
The "dns.keytab" file doesn't exist in my DC.

What should I do?

Regards,

Márcio Bacci

On Sun, 1 Sep 2019 at 19:28, Marcio Demetrio Bacci <
marciobacci at gmail.com> wrote:

> Hi,
>
> I'm following the tutorial:
> https://wiki.samba.org/index.php/BIND9_DLZ_DNS_Back_End
>
> But the following file doesn't exist in my DC, so can I create it manually?
>
> /usr/local/samba/bind-dns/named.conf file and uncomment the module for
> your BIND version. For example:
> dlz "AD DNS Zone" {
>     # For BIND 9.10
>     database "dlopen /usr/local/samba/lib/bind9/dlz_bind9_10.so";
>
> My lib is in:
>
> find / -name dlz_bind9_10.so
> /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so
>
> Regards,
>
> Márcio Bacci
>
> On Sat, 31 Aug 2019 at 04:09, Rowland penny via samba <
> samba at lists.samba.org> wrote:
>
>> On 31/08/2019 04:28, Marcio Demetrio Bacci via samba wrote:
>> > Hi,
>> >
>> > I have updated my DC's to Samba 4.10.7, but I still can't add a new DC to
>> > the domain. I believe the problem is with Samba Internal DNS.
>> >
>> > So I would like to convert my DNS from Internal DNS to Bind9_DLZ of the
>> > production DC's. Then I will join a new DC to the domain to see if it works.
>> >
>> > I checked the tutorials:
>> > https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server
>> >
>> > https://wiki.samba.org/index.php/Changing_the_DNS_Back_End_of_a_Samba_AD_DC
>> >
>> > But I found it a little complicated.
>> >
>> > I'm in doubt whether I have to configure all DNS zones manually (servers,
>> > networks, ptr, records, A records, CNAMES and others) as with a simple Bind,
>> > or if it is configured automatically when making the Samba adjustments to
>> > turn it into Bind9_DLZ (samba_upgradedns --dns-backend=BIND9_DLZ).
>> >
>> > Could anybody help me?
>> >
>> > Regards,
>> >
>> > Márcio Bacci
>>
>> It is fairly simple ;-)
>>
>> Read and follow:
>>
>>
>> https://wiki.samba.org/index.php/Setting_up_a_BIND_DNS_Server#Installing_.26_Configuring_BIND_on_Debian_based_distros
>>
>> # Check and correct rights if required
>> # Check that the permissions on /var/lib/samba/bind-dns are 'drwxrwx---'
>> # If not:
>> chmod 770 /var/lib/samba/bind-dns
>>
>> # Check that the 'bind' is the group for /var/lib/samba/bind-dns/dns.keytab
>> # If not:
>> chown root:bind /usr/local/samba/private/dns.keytab
>> chmod 640 /usr/local/samba/private/dns.keytab
>>
>> # Run the following command:
>>
>> /usr/sbin/samba_upgradedns --dns-backend=BIND9_DLZ
>>
>> # Alter smb.conf
>>
>> # Change the "server services" parameter:
>>
>> # If the line is there and contains 'dns', remove 'dns', if it doesn't contain 'dns' you do not need to do anything.
>>
>> # If the line isn't there (more likely), add 'server services -dns'
>>
>> # remove the forwarders line
>>
>> service bind9 restart
>>
>> service samba restart
>>
>>
>
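Added example, not part of the original thread or the Samba wiki: a read-only check of the mode and group that the quoted steps ask for on the bind-dns directory and dns.keytab, which also reports a path that does not exist yet, as happened in this thread. The function names `check_perm` and `audit_dlz` are hypothetical, GNU `stat` is assumed, and the paths and group are supplied by the caller.

```shell
#!/bin/sh
# Added example: audit mode and group of the BIND9_DLZ directory and keytab.
# dns.keytab holds the Kerberos key BIND uses for secure dynamic updates,
# so it should be readable by root and the BIND group only (640).

# check_perm PATH MODE GROUP
# returns 0 = matches, 1 = wrong mode or group, 2 = path does not exist
check_perm() {
    path=$1; want_mode=$2; want_group=$3
    if [ ! -e "$path" ]; then
        echo "MISSING $path (not created on this DC yet)"
        return 2
    fi
    # GNU stat (assumption): %a = octal mode, %G = group name
    set -- $(stat -c '%a %G' "$path")
    have_mode=$1; have_group=$2
    rc=0
    if [ "$have_mode" != "$want_mode" ]; then
        echo "MODE    $path is $have_mode, expected $want_mode"
        rc=1
    fi
    if [ "$have_group" != "$want_group" ]; then
        echo "GROUP   $path is $have_group, expected $want_group"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK      $path ($have_mode, group $have_group)"
    fi
    return "$rc"
}

# audit_dlz DIR KEYTAB GROUP
# Checks DIR for 770 and KEYTAB for 640, both with GROUP; returns the worst status.
audit_dlz() {
    worst=0
    check_perm "$1" 770 "$3" || worst=$?
    s=0
    check_perm "$2" 640 "$3" || s=$?
    if [ "$s" -gt "$worst" ]; then worst=$s; fi
    return "$worst"
}

# Example call with the first path pair quoted in the thread:
#   audit_dlz /var/lib/samba/bind-dns /var/lib/samba/bind-dns/dns.keytab bind
```

A return status of 2 means the path is absent, which is a different condition from wrong permissions and is not something `chmod` or `chown` can fix.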

