[Samba] AD DC without integrated DNS

Rowland penny rpenny at samba.org
Mon May 4 20:16:52 UTC 2020

On 04/05/2020 21:06, Magnus Holmgren via samba wrote:
> Yes, samba_dnsupdate successfully injects all the necessary RRs, both for the
> domain and for the forest, except they don't get separated into two zones. But
> that's just a technical-organizational detail when there's only one AD domain
> anyway. As long as all the A/AAAA and SRV records are in place and can be
> found by the clients, what, exactly, would not work? Joining a machine to an
> AD domain doesn't require adding DNS records to its zone; the FQDN of the
> machine can be entirely different, AFAICT. Are there any DNS-related
> operations that require talking some other protocol? (samba_dnsupgrade falling
> back to samba-tool when DDNS doesn't work will of course not be an option.)

Samba AD uses exactly the same DNS records as Windows AD.

> Exactly. I said we're hardly planning on joining any Windows machines to the
> domain, and they're mostly running Windows Home anyway (we could buy Pro
> upgrades, though).

As I said, you cannot join Windows Home to a domain, but you can join a
Linux computer.

If you are planning to use Kerberos on Linux, then Samba AD is probably
the easiest way of doing it, but you need DNS for Kerberos to work.

