[Samba] Samba shares and samba server residing on different physical machines
Rowland Penny
rpenny at samba.org
Thu Jul 6 14:43:42 UTC 2023
On 06/07/2023 15:11, E Kogler via samba wrote:
> The zone for my AD is "samba.xy.local", for the network it's "xy.local".
> So I should be safe ensuring my 4.17 samba manages the zone "samba.xy.local" since only the zone "xy.local" is transferred. Is this provided transferring the FSMO roles? I did this process three years ago the last time and since this is a school network and I'm both the B.O.F.H. and teacher (ages 15 to 18+) there's much to forget ...
If you are using 'samba.xy.local' in the 192.168.1.0/24 range and the
IP addresses for your AD DCs are 192.168.1.2 and 192.168.1.3 and you
are running a Debian based distro, then you require something like this
in /etc/bind/named.conf.local on your 'external' DNS server:

zone "samba.xy.local" IN {
    type forward;
    forwarders {
        192.168.1.2; 192.168.1.3;
    };
    forward only;
};

zone "_msdcs.samba.xy.local" IN {
    type forward;
    forwarders {
        192.168.1.2; 192.168.1.3;
    };
    forward only;
};

zone "1.168.192.in-addr.arpa" IN {
    type forward;
    forwarders {
        192.168.1.2; 192.168.1.3;
    };
    forward only;
};

This will forward all requests for the AD DNS domain (including the
reverse zone) to the AD DCs.

The way it basically works is:

Your clients consult their nameserver (which is always an IP) and ask
that nameserver, 'can you supply me with the DNS details for
'adclient.samba.xy.local''. The DNS server running on
'dns_server.xy.local' (the nameserver) consults its records and finds
that it cannot directly, but it knows who to ask, so it forwards the
query to '192.168.1.2' (a DC) and this nameserver consults its records
(which are in AD) and either returns the DNS data for
'adclient.samba.xy.local' if such a record exists or NXDOMAIN if it
doesn't. The forwarding DNS server then passes this data back to the client.

Rowland