[Samba] Samba DC and DNS
Michael Tokarev
mjt at tls.msk.ru
Mon Apr 7 13:17:09 UTC 2025
07.04.2025 14:12, Vladimir Mokrozub via samba wrote:
> Hello, I'm new to Samba DC and I have a question regarding DNS:
>
> we have DNS and DHCP servers, DNS dynamic updates are controlled by DHCP when
> clients request IP addresses. There're a lot of zones in DNS and we need to
> create a domain in one of these zones.
> If I understand correctly Samba can't use external DNS, you must have DNS on
> the same server as Samba, either internal or bind.
>
> The question is: if we move the zone to the Samba server, can we keep our
> DHCP-DNS update configuration? We'd like DHCP to be the only one updating
> DNS records of all computers including domain members.

In this case, personally I would suggest just avoiding samba
DNS entirely and relying solely on your existing infrastructure.
Especially if your samba server setup is more or less static,
so it doesn't change often.

Contrary to multiple claims (which - I suspect - come from the
same source), there's no *requirement* to tie MS AD and DNS
together, because the DNS record set is not "dynamic enough", that
is, it only changes when you add/remove DCs, sites, or transfer
some roles between DCs - basically, only after a known set of
operations. It's rather easy to manage this RR set in external
DNS manually, without even turning on dynamic DNS updates.

Samba keeps a list of RRs on each DC in the
/var/lib/samba/private/dns_update_cache
file. You convert this file into regular zone file format with
a one-liner sed or shell script and add the resulting RRs to
your DNS, whatever it is. That's all.

And oh, also disable dns updates in samba, so it does not try to
update the RRs dynamically every 30m or so (apparently because
samba internal DNS is unreliable and can't keep records for more
than 30m ;)

Thanks,
/mjt
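
The conversion described in the reply above, as an added example that is not part of the original post and not Samba's own code. It assumes the cache file holds one record per line as `TYPE name value` (plus a trailing port for SRV); the TTL, the SRV priority/weight and the `samdom.example.com` sample data are constructed placeholders.

```shell
#!/bin/sh
# Added example, not Samba code. Assumed cache format, one record per line:
#   A|AAAA <name> <address>   CNAME|NS <name> <target>   SRV <name> <target> <port>
# TTL 900 and SRV priority 0 / weight 100 are assumed defaults; adjust locally.

cache_to_zone() {   # $1 = cache file ("-" for stdin), $2 = TTL (optional)
    awk -v ttl="${2:-900}" '
    function fq(n)  { return (n ~ /\.$/) ? n : n "." }   # make names absolute
    function skip() { print "skipped line " NR ": " $0 > "/dev/stderr" }
    /^[ \t]*(#|$)/ { next }                              # comments and blanks
    # Names end up as zone-file text, so allow only hostname characters
    # (this also rejects "$", ";" and "(" that a zone parser would act on).
    $2 !~ /^[A-Za-z0-9._-]+$/ { skip(); next }
    $1 == "A"    && NF == 3 && $3 ~ /^[0-9.]+$/ {
        print fq($2), ttl, "IN A", $3; next }
    $1 == "AAAA" && NF == 3 && $3 ~ /^[0-9A-Fa-f:.]+$/ {
        print fq($2), ttl, "IN AAAA", $3; next }
    ($1 == "CNAME" || $1 == "NS") && NF == 3 && $3 ~ /^[A-Za-z0-9._-]+$/ {
        print fq($2), ttl, "IN", $1, fq($3); next }
    $1 == "SRV"  && NF == 4 && $3 ~ /^[A-Za-z0-9._-]+$/ && $4 ~ /^[0-9]+$/ {
        print fq($2), ttl, "IN SRV 0 100", $4, fq($3); next }
    { skip() }                                           # anything unexpected
    ' "$1"
}

# Constructed sample input (names, GUID and address are placeholders).
sample_cache() {
    cat <<'EOF'
A samdom.example.com 192.0.2.10
A dc1.samdom.example.com 192.0.2.10
NS samdom.example.com dc1.samdom.example.com
CNAME 11111111-2222-3333-4444-555555555555._msdcs.samdom.example.com dc1.samdom.example.com
SRV _ldap._tcp.samdom.example.com dc1.samdom.example.com 389
SRV _kerberos._tcp.samdom.example.com dc1.samdom.example.com 88
SRV _bad.example.com $INCLUDE 389
EOF
}

# Usage: cache_to_zone /var/lib/samba/private/dns_update_cache > dc-records.zone
# Try it on the sample: sample_cache | cache_to_zone -
```

Lines that do not match one of the expected shapes are reported on stderr and left out of the output, so review the result before loading it into the external zone.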