[PATCH] Use samba-tool to add DNS entries with samba_dnsupdate

Stefan (metze) Metzmacher metze at samba.org
Sat Mar 14 03:07:14 MDT 2015 

Hi Andrew,

>>> Why did you not add NS records to the dns_update_list?  Are we unable to
>>> add those with dynamic DNS updates for some reason?  (If so, I'll make a
>>> special case to force these to samba-tool). 
>>
>> Yes, this is not allowed via dns updates against Windows.
>>
>> I'd propose the following syntax:
>>
>> RPC ${ZONE} ${TYPE} ${NAME} ${TARGET}
>>
>> SERVER = NS server von ZONE
>> => samba-tool dns add ${SERVER} ${ZONE} ${NAME}. ${TYPE} ${TARGET}
>>
>> ${IF_RWDNS_DOMAIN}RPC ${DNSDOMAIN} NS ${DNSDOMAIN} ${HOSTNAME}
>> => samba-tool dns add ${SERVER} ${DNSDOMAIN} ${DNSDOMAIN}. NS ${HOSTNAME}
>> ${IF_RWDNS_FOREST}RPC _msdcs.${DNSFOREST} NS _msdcs.${DNSFOREST} ${HOSTNAME}
>> => samba-tool dns add ${SERVER} _msdcs.${DNSFOREST} _msdcs.${DNSFOREST}.
>> NS ${HOSTNAME}
>> ${IF_RWDNS_FOREST}RPC ${DNSFOREST} NS _msdcs.${DNSFOREST} ${HOSTNAME}
>> => samba-tool dns add ${SERVER} ${DNSFOREST} _msdcs.${DNSFOREST}. NS
>> ${HOSTNAME}
>>
>> See
>> https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=c57c578539e65ce4fa9c4bc2c61b08ad9900a40a
> 
> Why not just make NS records go via the RPC layer, leaving the rest of
> the syntax as-is?

Also note that we require _msdcs.${DNSFOREST} to be updated twice.
Once in the _msdcs.${DNSFOREST} zone and in the ${DNSFOREST} (see above).

This is not possible with the current syntax.

So it's basicaly just "RPC ${ZONE} " in front of what we have.

> How does the RPC prefix help, given I already have the transformation
> between the different command-line syntaxes for the fallback case?

I think there're also other name types which require RPC to be used
and currently the dns_update_list file is flexible enough to be extended
by the admin. E.g. it's possible to add MX records, which would likely
to require
rpc too.

I also thought about having two file to be used instead of one
dns_update_list
file. I think we need one file that is based on the current samba version
and can be upgraded with a new version and a file that the admin can manage.

metze



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150314/0d574ae7/attachment.pgp>

More information about the samba-technical mailing list