[Samba] Understanding internal DNS usage on Samba 4

Robert Marcano robert at marcanoonline.com
Sun Mar 28 16:54:47 UTC 2021

On 3/25/21 6:07 PM, Lou via samba wrote:
> Hello,
> I'm currently studying migration from Samba 3 to Samba 4 (NT4 to AD).  
> Using classic upgrade [1].
> Currently (alongside with our Samba 3 PDC), we have a heterogeneous 
> environment with external DNS servers:
> ns1.example.com
> ns2.example.com
> ns3.example.com
> ns4.example.com
> Currently, our DHCP server supplies the IPs of these servers for 
> clients.  We have all servers (and PDC) correctly registered on these 
> servers. They are four so we can keep up with the load and for 
> geographic reasons.
> Why, in Samba 4, are clients required to use Samba DNS resolver?
> It seems Samba 4 uses DNS while Samba 3 does not, and requires that all 
> clients use it, but that would break our architecture because there 
> would be a single point of failure (unless we set up more than one PDC).
> We can configure the PDC to forward queries to them with smb.conf option 
> "dns forwarder" [2] and use several PDC to mimic the architecture we 
> have today, but I was wondering why are clients required to use Samba 4 
> DNS.

Technically the clients don't need to use the Samba DNS servers directly, 
only for DNS updates; the DNS servers used by the clients need to 
resolve the AD domain. So you can still use the same servers you are 
supplying via DHCP if these DNS servers are able to forward queries to 
the Samba DNS.

If your current servers have connectivity to the Samba DNS, you can ask 
for them to be configured to forward your ad.example.com domain to Samba.

If you can modify their configuration, then the DHCP has to assign 
other DNS servers, be it your Samba configured with a forwarder, or 
a new one in front of your current servers and Samba.

> There is some discussion about this in the list (like [3]), if there is 
> any documentation/thread about that, could you share?
> Thanks!
> [1] 
> https://wiki.samba.org/index.php/Migrating_a_Samba_NT4_Domain_to_Samba_AD_(Classic_Upgrade) 
> [2] https://www.samba.org/samba/docs/current/man-html/smb.conf.5.html
> [3] 
> http://samba.2283325.n4.nabble.com/Samba4-using-existing-DNS-and-LDAP-td4652082.html 
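
Added example, not part of the original message: a shell check that each resolver handed out by DHCP can answer the SRV lookups AD clients make, which is the condition the reply above describes. It assumes `dig` is installed; the function names are illustrative, and the hostnames and `ad.example.com` are the ones used in the thread.

```shell
#!/bin/sh
# Added example: verify that client-facing resolvers can resolve the AD zone
# (for instance through a forward to the Samba DNS). Defines functions only.

# SRV names a domain member looks up to locate domain controllers and KDCs.
ad_srv_names() {
    domain=$1
    printf '%s\n' \
        "_ldap._tcp.$domain" \
        "_kerberos._tcp.$domain" \
        "_ldap._tcp.dc._msdcs.$domain"
}

# check_resolver RESOLVER DOMAIN
# Prints OK/FAIL per SRV name; returns 0 only if every name got an answer.
check_resolver() {
    resolver=$1
    domain=$2
    rc=0
    for name in $(ad_srv_names "$domain"); do
        # +short prints only record data; lines starting with ';' are dig
        # diagnostics (timeouts etc.) and do not count as an answer.
        answer=$(dig +short +time=2 +tries=1 "@$resolver" "$name" SRV \
                 2>/dev/null | grep -v '^;') || answer=
        if [ -n "$answer" ]; then
            echo "OK   $resolver $name"
        else
            echo "FAIL $resolver $name"
            rc=1
        fi
    done
    return $rc
}

# check_all DOMAIN RESOLVER...
# Exit status is the number of resolvers that cannot resolve the AD domain.
check_all() {
    domain=$1
    shift
    bad=0
    for r in "$@"; do
        check_resolver "$r" "$domain" || bad=$((bad + 1))
    done
    return $bad
}

# Usage:
#   check_all ad.example.com ns1.example.com ns2.example.com \
#             ns3.example.com ns4.example.com
```

A resolver reported as FAIL would leave the clients that use it unable to locate a domain controller, so run the check against every server the DHCP scope distributes.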
