samba - Jun 2014 - DNS issues (my ignorance?) beating me like a rented mule.

So, I managed to get an ad controller running, but cannot seem to get it to
forward dns queries to my DNS server.

It resolves it's own SRV records just fine. 

upstream bind is 9.2 

AD controller is the same DNS domain as the rest of my network (could this be
the issue?)

using SAMBA_INTERNAL on the AD controller. 

It's like I can either resolve my AD controllers SRV records or the rest of
my domain, but not both...

I've added the IP of the upstream DNS server to the forwarder statement in
smb.conf, and added the ip of the AD controller to bind's forwarders {}
block.

No joy. 

I'm missing something in my understanding of DNS forwarding or something
here. If you need to see more info please let me know.

Thanks 

-- 



Jefferson K Davis 
Technology and Information Systems Manager 
Standard School District 
1200 North Chester Ave 
Bakersfield, CA 93308 
661.392.2110 ext 120 (office) 
http://district.standard.k12.ca.us 

District Users: Click here to report technology issues

On 20/06/14 01:37, Jefferson Davis wrote:
> So, I managed to get an ad controller running, but cannot seem to get it to
forward dns queries to my DNS server.
>
> It resolves it's own SRV records just fine.
>
> upstream bind is 9.2
>
> AD controller is the same DNS domain as the rest of my network (could this
be the issue?)
Yes
>
> using SAMBA_INTERNAL on the AD controller.
>
> It's like I can either resolve my AD controllers SRV records or the
rest of my domain, but not both...
>
> I've added the IP of the upstream DNS server to the forwarder statement
in smb.conf, and added the ip of the AD controller to bind's forwarders {}
block.
>
> No joy.
>
> I'm missing something in my understanding of DNS forwarding or
something here. If you need to see more info please let me know.
>
> Thanks
>
OK, lets see if I can explain this:

a client asks about a hostname that is a domain member, the samba4 
server replies with the required info, it doesn't ask its forwarder.

a client asks about an hostname outside the domain, the samba4 server 
does not have the info and it is not in its domain, so it asks its 
forwarder and gets the info and passes it to the asking client.

a client asks about a hostname that is not a domain member but has the 
same domain name, the samba4 server replies that it does not know this 
machine, it does not ask its forwarder.

Moral of the story, if your domain name is 'example.com' set your samba4
domain to be a sub-domain of this i.e. 'samba.example.com'

Rowland