On Thu, 27 Aug 2015 21:23:48 +0100
Rowland Penny <rowlandpenny241155 at gmail.com> wrote:

[snip]
> No, please No, setting up bind dlz is not a PITA as you put it.

Yes, actually, it is. In my opinion, of course.

> You
> really need to run a DNS server that is authoritative for your
> samba domain and anything else is forwarded to another DNS server
> that knows about everything else ...
[snip]

And that's what running BIND on, say, 192.168.0.1 on eth0, and Samba
at 192.168.0.2 on eth0:0 would accomplish. Samba has built-in DNS.
Why do I need to go to the trouble of running *two* servers for BIND,
bastardizing the BIND on one of them, when I can do everything I want
in one?

I am *not* going to be running Samba on one server and everything
else on another. This is Linux, not Windows. It can walk and chew
gum at the same time ;)

> [snip]
>
> If you are not wedded to ubuntu ...
[snip]

We've standardized on it.

> https://secure.bazuin.nl/scripts/
>
> Even if you don't want to use Debian and can read and understand a
> bash script, they may help you when/if you re-install.

I understand bash, and a good many other languages, as well. Thanks
for the pointer. I'll take a look.

Regards,
Jim
--
Note: My mail server employs *very* aggressive anti-spam filtering.
If you reply to this email and your email is rejected, please accept
my apologies and let me know via my web form at
<http://jimsun.LinxNet.com/contact/scform.php>.

On 28/08/15 01:39, Jim Seymour wrote:
> On Thu, 27 Aug 2015 21:23:48 +0100
> Rowland Penny <rowlandpenny241155 at gmail.com> wrote:
>
> [snip]
>> No, please No, setting up bind dlz is not a PITA as you put it.
> Yes, actually, it is. In my opinion, of course.
>
>> You
>> really need to run a DNS server that is authoritative for your
>> samba domain and anything else is forwarded to another DNS server
>> that knows about everything else ...
> [snip]
>
> And that's what running BIND on, say, 192.168.0.1 on eth0, and Samba
> at 192.168.0.2 on eth0:0 would accomplish. Samba has built-in DNS.
> Why do I need to go to the trouble of running *two* servers for BIND,
> bastardizing the BIND on one of them, when I can do everything I want
> in one?
>
> I am *not* going to be running Samba on one server and everything
> else on another. This is Linux, not Windows. It can walk and chew
> gum at the same time ;)

I run samba 4, Bind9 and DHCP all on the same machine, what you seem
to be missing is that you run bind9 instead of the internal samba4
DNS server. Whatever DNS server you do use, it needs to only know
about the samba4 dns domain (which also needs to be the realm name),
anything else it gets from its forwarder.

Rowland

On Fri, 28 Aug 2015 08:51:30 +0100
Rowland Penny <rowlandpenny241155 at gmail.com> wrote:

> ... what you seem
> to be missing is that you run bind9 instead of the internal samba4
> DNS server. Whatever DNS server you do use, it needs to only know
> about the samba4 dns domain (which also needs to be the realm name),
> anything else it gets from its forwarder.

I did not miss it. As you'll see from another of my posts: I tried
that. The dynamic zone code crashed named. (Don't know why, yet. It
happened at the end of the day, and I no longer skip workout time for
work, no matter *how* interesting the problem, so...)

However...

I have to say that lash-up strikes me as kind of fragile.

Jim

Hai Jim,

(and Robert, saw your last post, read this also for samba with bind9_DLZ)

I just searched back in the post, and what I noticed was your first post.
http://www.tiltingatlinux.com/2014/04/basic-samba4-domain-controler-on-ubuntu.html

I went over this link ..
This setup has some faults.

sudo nano /etc/hosts
    127.0.0.1 localhost
    127.0.1.1 pdc.mydomain.local pdc    < remove this line.
    10.0.0.5 pdc.mydomain.local pdc

    UUID=blahblahmoomoowhatnot / ext4 user_xattr,acl,barrier=1,errors=remount-ro,relatime 0 1
change that to
    UUID=blahblahmoomoowhatnot / ext4 defaults,barrier=1,errors=remount-ro,relatime 0 1

apt-get install acl xattr
mount -o remount -a

sudo rm /etc/samba/smb.conf
better
sudo mv /etc/samba/smb.conf /etc/samba/smb.conf.ubuntu_original

ntp is not linked to samba in that setup.

So, that told..

If you can read bash scripts, and if not, try, it's not that hard.
Get this script if you use ubuntu 14.04..
https://secure.bazuin.nl/scripts/4-jessie-samba-DC.sh

Read through it, it explains itself, I just didn't test it on ubuntu, but the basics are the same.
Just keep the install order as in the script, that's most important.

Simple things can be changed like line 208
debian:
    for x in 0 1 2 3 ; do sed -i "s]server ${x}.debian]#server ${x}.debian]g" /etc/ntp.conf ; done
for ubuntu:
    for x in 0 1 2 3 ; do sed -i "s]server ${x}.ubuntu]#server ${x}.ubuntu]g" /etc/ntp.conf ; done
etc.

All you need to know is in this script.
Try it, and I say, you will have a perfect working samba 4 AD DC with bind9_DLZ.

Greetz,

Louis

>-----Original message-----
>From: samba [mailto:samba-bounces at lists.samba.org] On behalf of Jim Seymour
>Sent: Friday 28 August 2015 13:40
>To: samba at lists.samba.org
>Subject: Re: [Samba] Samba Internal DNS vs. BIND_DLZ
>
>On Fri, 28 Aug 2015 08:51:30 +0100
>Rowland Penny <rowlandpenny241155 at gmail.com> wrote:
>
>> ... what you seem
>> to be missing is that you run bind9 instead of the internal samba4
>> DNS server. Whatever DNS server you do use, it needs to only know
>> about the samba4 dns domain (which also needs to be the realm name),
>> anything else it gets from its forwarder.
>
>I did not miss it. As you'll see from another of my posts: I tried
>that. The dynamic zone code crashed named. (Don't know why, yet. It
>happened at the end of the day, and I no longer skip workout time for
>work, no matter *how* interesting the problem, so...)
>
>However...
>
>I have to say that lash-up strikes me as kind of fragile.
>
>Jim
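
A check for the /etc/hosts fault pointed out in the message above (the DC's own name mapped to 127.0.1.1), as an added example that is not part of the original thread or of the referenced script. The function names are hypothetical and the sample hosts content is constructed from the lines quoted in the post.

```shell
#!/bin/sh
# Added example: audit a hosts file for a DC name mapped to a loopback address.

# Print every address in hosts file $1 that name $2 maps to (FQDN or alias).
# Comments and blank lines are ignored; matching is case-insensitive.
hosts_addrs_for() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }
        { sub(/#.*/, "") }            # strip comments; awk re-splits the fields
        NF < 2 { next }
        { for (i = 2; i <= NF; i++)
              if (tolower($i) == want) { print $1; break } }
    ' "$1"
}

# Classify hosts file $1 for DC name $2.
# Prints one of: ok, loopback, missing. Returns 0 only for "ok".
check_dc_hosts() {
    addrs=$(hosts_addrs_for "$1" "$2")
    if [ -z "$addrs" ]; then
        echo missing
        return 2
    fi
    for a in $addrs; do
        case $a in
            127.*|::1) echo loopback; return 1 ;;
        esac
    done
    echo ok
}

# Constructed sample: the hosts entries quoted in the post, before the fix.
sample=$(mktemp)
cat > "$sample" <<'EOF'
127.0.0.1 localhost
127.0.1.1 pdc.mydomain.local pdc
10.0.0.5 pdc.mydomain.local pdc
EOF
result=$(check_dc_hosts "$sample" pdc.mydomain.local) || true
echo "pdc.mydomain.local: $result"
rm -f "$sample"
```

Run `check_dc_hosts /etc/hosts "$(hostname -f)"` on the DC itself before provisioning; anything other than `ok` means the name does not resolve solely to a LAN address from the hosts file.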