No, no. All our servers have static IPs. Therefore there is no need for dyndns
update.
Therefore I keep the line for the tkey-gssapi-keytab in bind commented, thus
disabling all dyndns updates.
However, when joining/demoting a DC to the AD it needs to create/remove the AD
specific DNS records.
br
________________________________________
From: samba <samba-bounces at lists.samba.org> on behalf of Rowland Penny
via samba <samba at lists.samba.org>
Sent: Monday, December 16, 2024 5:16 PM
To: samba at lists.samba.org
Cc: Rowland Penny
Subject: Re: [Samba] Error when joining new DC
On Mon, 16 Dec 2024 15:04:13 +0000
Peter Mittermayer via samba <samba at lists.samba.org> wrote:
> Now I just need to find a solution how to allow dyndns updates only
> for the DCs and not the clients.
Shouldn't that be the other way around ?
Your Samba AD DCs should have a fixed ipaddress (either set on the DC
or via dhcp) and the clients can have their ipaddresses set by dhcp,
they just need to update their dns records in AD.
> Reason for this is that all our
> servers have multiple interfaces. Although they are connecting to AD
> mostly via default route we have seen issues where some register with
> wrong interface thus creating incorrect DNS records.All the DNS
> records A & PTR are usually created automatically during server
> provisioning and we don't use dhcp. So there is absolutely no need
> for dyndns except for changes in the AD infrastructure (i.e.
> joining/removing a DC).
There are a couple of parameters for the smb.conf file:
'bind interfaces only' and 'interfaces'
See 'man smb.conf' for the correct syntax.
They basically make the Samba 'server' only use the network interfaces
that you want it to.
Rowland
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba