samba - Dec 2012 - (S4) Neither AXFR nor authoritative nameserving available?

Hello all,

I'd like to have redundant DNS in our setup.  But it seems that Samba 4 
does not yet support AXFR with its internal DNS server.  Alright, that's 
fine, so I figured I'd configure the system such that at the very least, 
a caching nameserver was sitting in front of it.  However, that doesn't 
work; the caching nameserver (BIND 9) returns SERVFAIL, apparently 
because Samba 4 isn't setting the authoritative bit on its DNS responses.

Is this a known issue, a configuration error on my part, or something 
entirely different altogether?

	Thanks,
	Mike

On Tue, 2012-12-18 at 11:58 -0500, Michael B. Trausch
wrote:
> Hello all,
> 
> I'd like to have redundant DNS in our setup.  But it seems that Samba 4
> does not yet support AXFR with its internal DNS server.  Alright,
that's
> fine, so I figured I'd configure the system such that at the very
least,
> a caching nameserver was sitting in front of it.  However, that doesn't
> work; the caching nameserver (BIND 9) returns SERVFAIL, apparently 
> because Samba 4 isn't setting the authoritative bit on its DNS
responses.
That's odd.  Please file a bug, so Kai can look into it. 
> Is this a known issue, a configuration error on my part, or something 
> entirely different altogether?
You could run another Samba DC to get the redundant DNS. 

Another option is to run the bind9 server and the dlz plugin.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org