zone "local.thisismycompany.com" {
type slave;
masters { *your DCs go here* };
file "/etc/bind/namedb/bak.local.thisismycompany.com";
forwarders{};
};
If you are setting up bind on the DC like that, you have a problem, you are not
using DLZ.
Rowland
Sorry, I seemed to express that very misleading.
The snippet below aimed at an additional Bind server,
that is slave to the one on the DC(s).
I would be configured to pull the public DNS information
from an external forwarder (as 8.8.8.8 from Google) and
the internal information from *your DCs go here*.
Then the line "forwarders{};" does inhibit, that internal
requested are directed to the public DNS, which might
resolve these to Your public servers, which serve
thisismycompany.com.
I use this setup at home, where the DC is a slow Raspberry
Pi. On the much faster file (a.k.a. member) server I
operate the secondary DNS server with that snippet
below.
This may or my not be relevant to the OP...
But at least I wanted to clarify the confusion.
Best regards
Peter
Rowland Penny schrieb am 22.01.2015 11:09:
>
> zone "local.thisismycompany.com" {
> type slave;
> masters { *your DCs go here* };
> file "/etc/bind/namedb/bak.local.thisismycompany.com";
> forwarders{};
> };
>
>
> If you are setting up bind on the DC like that, you have a problem, you are
not
> using DLZ.
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
On 22/01/15 14:25, Peter Serbe wrote:> Sorry, I seemed to express that very misleading. > The snippet below aimed at an additional Bind server, > that is slave to the one on the DC(s). > I would be configured to pull the public DNS information > from an external forwarder (as 8.8.8.8 from Google) and > the internal information from *your DCs go here*. > Then the line "forwarders{};" does inhibit, that internal > requested are directed to the public DNS, which might > resolve these to Your public servers, which serve > thisismycompany.com. > > I use this setup at home, where the DC is a slow Raspberry > Pi. On the much faster file (a.k.a. member) server I > operate the secondary DNS server with that snippet > below. > > This may or my not be relevant to the OP... > But at least I wanted to clarify the confusion. > > Best regards > Peter > > > Rowland Penny schrieb am 22.01.2015 11:09: > >> zone "local.thisismycompany.com" { >> type slave; >> masters { *your DCs go here* }; >> file "/etc/bind/namedb/bak.local.thisismycompany.com"; >> forwarders{}; >> }; >> >> >> If you are setting up bind on the DC like that, you have a problem, you are not >> using DLZ. >> >> Rowland >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >>The bind server for a samba AD DC must be run on the samba AD DC Rowland