[Samba] Dynamic DNS updates from Windows 10 workstations

Allen Chen achen at harbourfrontcentre.com
Fri Apr 9 15:07:11 UTC 2021

Hi Rowland,

Thank you for answering my questions. First of all, I am following the Samba 
4 docs and am not doing any funny things with the Samba 4 AD DC and the company 
DHCP and DNS. I added more details here:

1. Company DHCP and DNS existed before we introduced Samba 4 AD. DHCP 
updates DNS. So each PC has a dynamic IP registered in DNS with its name 
like PCxxxx.DOMAIN1.ANY.

     DHCP and DNS work perfectly. When a PC moves to another subnet, DHCP 
updates the A record immediately in the DNS server.

2. Then we added Samba 4 AD to the company network, which has its own 
domain name like DOMAIN2.ANY.

     The company DNS server forwards DOMAIN2.ANY queries to Samba 4 AD, and 
Windows clients still use the company DNS server. Each PC has a name in 
Samba 4 AD like PCxxx.DOMAIN2.ANY.

     This also works perfectly. So we do have two names for each PC. If I 
did something wrong, please correct me.

The problem is that when I move a PC to another subnet (IP changed), the Samba 4 AD 
DC doesn't reset the IP in its built-in DNS immediately in AD domain 
DOMAIN2.ANY, and the company DNS resets the IP immediately in domain 
DOMAIN1.ANY. But I do see the IP, or some IPs, get changed later in AD. 
When? And how? Sometimes not changed at all? We ended up with a PC with two 
IPs: the company DNS server holds the latest IP, and Samba 4 AD holds the old 
IP, which is not correct.



On 4/8/2021 5:06 PM, Rowland penny via samba wrote:

> On 08/04/2021 21:13, Allen Chen via samba wrote:
>> Hi there,
>> I do have a similar question on how Windows clients update the A 
>> record in Samba 4 AD DC,
>> or how Samba AD sets the A record in its internal DNS server for a Windows 
>> client.
>> My configuration is (no other issues so far):
>> a) 3 Samba 4.8.12 AD DCs, work perfectly together (using internal DNS), 
>> have their own domain name, let's say DOMAIN1.ANY (not a public domain name)
> sounds okay, as long as 'internal dns' means the dns server built into a 
> Samba DC
>> b) 1 CentOS 6.8 DHCP server (comes with the OS), gives Windows 
>> clients a dynamic IP and company DNS server info (DNS IP),
>>    and sends dynamic IP updates to the company DNS server, using another 
>> internal domain name (DOMAIN2.ANY) to manage the PC name and its 
>> dynamic IP
> that could be a problem, it sounds like your PCs are given an IP and 
> instead of storing 'PC.DOMAIN1.ANY' on the company dns server (where 
> it shouldn't be), it is stored as 'PC.DOMAIN2.ANY'. Your company dns 
> server shouldn't store any of your AD domain PCs, it should forward 
> everything for 'DOMAIN1.ANY' to your Samba AD DCs.
>> c) 2 CentOS 6.8 company DNS servers (bind comes with the OS), 
>> forwarding AD queries to the AD server
> Which sounds correct except that it sounds like your PCs have two names.
>> d) 150 Windows clients with DNS pointing to the company DNS servers.
> which again sounds okay, provided that your PCs only have one name.
>> The problem is that when I move a client machine to another subnet (IP 
>> changed), the Samba 4 AD DC doesn't reset the IP in its internal DNS 
>> server. But I do see the IP, or some IPs, get changed later. When? And 
>> how? Sometimes not changed? I don't know.
> It probably has something to do with your apparently (and forgive me 
> if I have misunderstood) strange dns setup.
>> My question is: how does Samba 4 AD set the A record in its internal DNS 
>> server for a Windows client?
> Short answer is, it doesn't. There is nothing built into AD to 
> automatically update dns records, it is down to the Windows clients to 
> update their own dns records.
> Rowland
