[Samba] AD-DC with DLZ using Bind9.16.x

Carlos Stanhope stanhope631 at gmail.com
Thu Sep 10 17:16:43 UTC 2020

I am using:

Ubuntu Server 20.04.1 LTS

Kernel 5.4.0-45-generic x86_64

Samba 4.11.6-Ubuntu package

Bind9.16.1-Ubuntu package

I have been using Samba4 AD-DC with Bind 9 DLZ in production since beta4,
upgraded several times. (Great product. Awesome Samba team!) Previously I
have been installing Bind9 and Samba from source to get the "--with-dlopen"
option. Since this option and the "--with-gssapi=/usr" option are now
integrated into Bind9, I would like to replace my current servers with
servers that use the Ubuntu packages to simplify updates. When I installed
the Samba 4.11.6-Ubuntu package, I found the option to use any Bind9 later
than 12 is not available (see named.conf.dlz file, below). I checked the
latest stable release (Samba 4.12.6) and Samba 4.13.0rc4. They have the
same limitation.

Is there a reasonably simple way for me to adapt to Bind9.16.x, or will I
have to go back to loading a source Bind9.12.x?

Also (and I may be showing my ignorance of coding), should the database
file lines, below, be commented, or the instructions modified?

/usr/share/samba/setup$ cat ./named.conf.dlz

# This configures dynamically loadable zones (DLZ) from AD schema
# Uncomment only single database line, depending on your BIND version

dlz "AD DNS Zone" {
    # For BIND 9.8.x
    ${BIND9_8} database "dlopen ${MODULESDIR}/bind9/dlz_bind9.so";

    # For BIND 9.9.x
    ${BIND9_9} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_9.so";

    # For BIND 9.10.x
    ${BIND9_10} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_10.so";

    # For BIND 9.11.x
    ${BIND9_11} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_11.so";

    # For BIND 9.12.x
    ${BIND9_12} database "dlopen ${MODULESDIR}/bind9/dlz_bind9_12.so";


