[Samba] Changing IP Scope on a Samba DC
Rowland penny
rpenny at samba.org
Mon Aug 31 19:08:53 UTC 2020
On 31/08/2020 19:59, Peter Pollock wrote:
> Yes, it is 192.168.2.0/24
>
> Thank you.
OK, try these files:
/etc/bind/named.conf
-----------start---------------
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind9/README.Debian.gz for information on the
// structure of BIND configuration files in Debian, *BEFORE* you customize
// this configuration file.
//
// If you are just adding zones, please do that in /etc/bind/named.conf.local
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
include "/etc/bind/named.conf.default-zones";
----------end----------------
/etc/bind/named.conf.options
-------------start--------------------
options {
    directory "/var/cache/bind";
    notify no;
    empty-zones-enable no;
    allow-query { 127.0.0.1; 192.168.2.0/24; };
    allow-recursion { 192.168.2.0/24; 127.0.0.1/32; };
    forwarders {
        208.67.222.123;
        208.67.220.123;
    };
    allow-transfer { none; };
    dnssec-validation no;
    dnssec-enable no;
    dnssec-lookaside no;
    listen-on-v6 { none; };
    listen-on port 53 { 192.168.2.8; 127.0.0.1; };
    tkey-gssapi-keytab "/var/lib/samba/bind-dns/dns.keytab";
};
--------------------end----------------
/etc/bind/named.conf.local
----------------------start-------------------
//
// Do any local configuration here
//
// Consider adding the 1918 zones here, if they are not used in your
// organization
//include "/etc/bind/zones.rfc1918";
// adding the Samba dlopen ( Bind DLZ ) module
include "/var/lib/samba/bind-dns/named.conf";
-----------------end------------------
/etc/bind/named.conf.default-zones
-------------------start----------------
// prime the server with knowledge of the root servers
zone "." {
    type hint;
    file "/usr/share/dns/root.hints";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
    type master;
    file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
    type master;
    file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
    type master;
    file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
    type master;
    file "/etc/bind/db.255";
};
----------------------end---------------------
/var/lib/samba/bind-dns/named.conf
------------------start--------------------
# This DNS configuration is for BIND 9.8.0 or later with dlz_dlopen support.
#
# This file should be included in your main BIND configuration file
#
# For example with
# include "/var/lib/samba/bind-dns/named.conf";
#
# This configures dynamically loadable zones (DLZ) from AD schema
# Uncomment only single database line, depending on your BIND version
#
dlz "AD DNS Zone" {
    # For BIND 9.8.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9.so";
    # For BIND 9.9.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_9.so";
    # For BIND 9.10.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_10.so";
    # For BIND 9.11.x
    database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_11.so";
    # For BIND 9.12.x
    # database "dlopen /usr/lib/x86_64-linux-gnu/samba/bind9/dlz_bind9_12.so";
};
--------------------------end------------------------
They are based on my working Bind9 files and assume that the Samba keytab
etc. are now in /var/lib/samba/bind-dns, and also that you are using Debian
with Bind9.11.x.
Any questions, please ask.
Rowland
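
Added example, not part of the original post or of Samba/BIND: a small check that the address lists in named.conf.options (allow-query, allow-recursion, listen-on) still agree with the DC's subnet after a change of IP scope, and that recursion and zone transfers stay restricted. The sample text is constructed from the options block above; the function names are hypothetical and the parser assumes IPv4-only lists written inline as in that file.

```python
import ipaddress
import re

# Constructed sample: the address-bearing statements of the options block above.
SAMPLE_OPTIONS = """
options {
    allow-query { 127.0.0.1; 192.168.2.0/24; };
    allow-recursion { 192.168.2.0/24; 127.0.0.1/32; };
    allow-transfer { none; };
    listen-on-v6 { none; };
    listen-on port 53 { 192.168.2.8; 127.0.0.1; };
};
"""

# Statement name, then anything up to the brace (e.g. "port 53"), then the list.
# The lookahead stops "listen-on" from matching "listen-on-v6".
STMT = re.compile(
    r"^\s*(allow-query|allow-recursion|allow-transfer|listen-on)(?![\w-])"
    r"[^{]*\{([^}]*)\}", re.M)


def parse_acls(text):
    """Return {statement: [entries]} for the address lists checked below."""
    text = re.sub(r"//.*|#.*", "", text)  # drop line comments
    return {m.group(1): [e.strip() for e in m.group(2).split(";") if e.strip()]
            for m in STMT.finditer(text)}


def audit(text, lan):
    """List findings for a DC whose clients live in the CIDR `lan`."""
    lan = ipaddress.ip_network(lan)
    acls = parse_acls(text)
    findings = []
    for stmt in ("allow-query", "allow-recursion", "listen-on"):
        entries = acls.get(stmt, [])
        # Only literal IPv4 addresses/prefixes; keywords and ACL names are skipped.
        nets = [ipaddress.ip_network(e, strict=False)
                for e in entries if e[0].isdigit() and ":" not in e]
        stale = [str(n) for n in nets
                 if not n.is_loopback and not n.subnet_of(lan)]
        if stale:
            findings.append(f"{stmt}: outside {lan}: {', '.join(stale)}")
        if "any" in entries:
            findings.append(f"{stmt}: open to any")
        elif not any(n.subnet_of(lan) for n in nets):
            findings.append(f"{stmt}: nothing inside {lan}")
    if acls.get("allow-transfer") != ["none"]:
        findings.append("allow-transfer: not restricted to none")
    return findings
```

Call audit() with the contents of /etc/bind/named.conf.options and the subnet in use; an empty list means the three statements match that scope.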