[Samba] AXFR transfer: SRV for DC missing

Markus Gschwendt office+samba at gschwendt.at
Tue Oct 28 23:51:21 UTC 2025


On Tue, 2025-10-28 at 09:18 +0000, Rowland Penny via samba wrote:
> On Tue, 28 Oct 2025 03:02:34 +0100
> Markus Gschwendt via samba <samba at lists.samba.org> wrote:
> 
> > 
> > I did read this some time ago and I don't remember the source -
> > sorry. But good to know it should still work in Trixie.
> > However, the upgrade was necessary because we could not join Win11
> > 24H2 clients and we thought it's time to migrate to AD anyways.
> 
> The time, in my opinion, was more than 5 years ago, if not longer.
> > 

I fully agree. We started around 2016 but it took some time...

> > 
> > ...
> > We really don't want the Samba server to be our central DNS system.
> 
> It doesn't have to be, but as AD lives and dies on DNS, the DC(s) need
> to be 'central' for your AD domain clients. The DC(s) need to be the
> first port of contact for the domain clients, anything unknown e.g.
> www.google.com is forwarded to an external DNS server.
> 
> > Separating services is the main reason. (Security, debugging, ...)
> > Maybe a discussion for another thread.
> 
> In my opinion you are setting yourself up for a lot of pain.

DNS is designed to be a distributed system and the whole internet as we
know it today lives and dies on DNS. But not every service (webserver,
email, chat, ...) has to bring its own DNS server.

It works great when samba transfers its DNS records to the central DNS
infrastructure like all other master and hidden master servers do.

And I'm really happy we can do it that way with Samba. Thanks for that
great piece of software!
There are lots of reasons not to use those monolithic systems from M$.

Markus


