[Samba] DDNS, DHCP and AD

Greg Sloop <gregs@sloop.net> gregs at sloop.net
Thu Dec 8 20:02:49 UTC 2022


Looking for general theory here - perhaps this will devolve into more "how
to" later, but right now I need overall understanding.

We handle DHCP outside AD. We also do DDNS there, and handle DNS lookups.

Here's what the current setup looks like

We have a pair of DHCP servers (ISC DHCPD) and those same boxes handle DNS
for the network. They're in the DNS domain of, lets say; xyz.local. (Yes,
we're using local. Can't easily dig it out. We'll live with any AVAHI
side-effects, I think - at least for now.)

The AD domain is ad.xyz.local. (so a server is something like
s1.ad.xyz.local)

The DHCP/DNS servers handle multiple ip subnets and setup the forwards and
reverses for dhcp leases - into the xyz.local domain.

These xyz.local BIND servers forward all queries about *.ad.xyz.local to
the AD servers, so queries about the AD domain get handled properly. All
non AD queries they handle internally - recursively or not.

However, we also get DDNS entries into AD. (I've never set this up,
explicitly, up this, so it's happening "automagically.")

Something like station-1.ad.xyz.local.
But we'll sometimes end up with mismatches between the ad and non-ad
forwards/reverses. (station1.ad.xyz.local points to a "wrong" ip, where
station1.xyz.local doesn't)

So, the base question is;
Is there any reason for us to worry about ad.xyz.local DDNS entries being
"correct" in AD's DNS entries?

I suppose if we share resources via AD for a host that gets a DHCP
addresses, and we references those resources via name, we'll have issues.
But outside of that case, is there any reason to try to keep the
ad.xyz.local forwards "correct?"

If I can live with DNS lookups like station1.xyz.local - can I just ignore
the DDNS entries in AD for stations? (Without dire outcomes somewhere that
I haven't considered.)

Thoughts?
Is there a wiki article that covers this? (I didn't find one and I can't
easily find a discussion thread that seems closely relevant.


More information about the samba mailing list