Hi Rowland,

Would you care to elaborate on that last sentence? I've not seen that mentioned before and I'm very curious about your reasons for saying it, especially as we're using internal DNS for our two DCs.

regards,
John

On 29/02/16 06:18, Rowland penny wrote:
> On 28/02/16 18:30, Felipe_G0NZĂLEZ_SANTIAG0 wrote:
>> Hello list, I need to know which DNS backend my domain controller
>> is using. Where can I search to know my backend? Is there a
>> command to do this?
>
> I suppose the easiest way would be to run something like this on a DC:
>
> wbinfo -u | grep dns
>
> If you get any output, then you are using Bind9, just where will come
> from the output. The output will be like this 'dns-DC', where 'DC' is
> the hostname of the DC running Bind9.
>
>>
>> Then, I have 2 DCs replicating each other (samba-tool domain join).
>> Is it possible to have one of them using SAMBA_internal and the other
>> using BIND_DLZ?
>
> Not sure, never tried, I think most people would use the same dns
> server on all DCs, but from my experience, if you have more than one
> DC, you are probably better off using Bind9.
>
> Rowland
>>
>> Regards, Phillip.

On 28/02/16 20:25, John Gardeniers wrote:
> Hi Rowland,
>
> Would you care to elaborate on that last sentence? I've not seen that
> mentioned before and I'm very curious about your reasons for saying it,
> especially as we're using internal DNS for our two DCs.
>
> regards,
> John

OK, two main reasons, I have never used the internal dns server and I have never had any real dns problems, read a lot of posts from people who have, but they use the internal dns server.

The second reason is that the internal dns server seems to ignore the SOA record for the second DC (note that you have to add this manually). Bind9 does see both SOA records and the second DC is authoritative for the domain if the first DC goes down for any reason, this doesn't happen with the internal dns server.

Rowland

Thanks Rowland.

Perhaps because I expected these basic issues to have been resolved long ago I never thought to check the SOA records. You are perfectly correct - the second DC is not listed. I will say however that other than this, all the DNS issues I encountered during my early testing phase, and there were a lot of them, occurred with both internal and BIND DNS.

As a consequence, we use Samba DNS only for the AD domain and external BIND (on the same machine but on a separate IP address) for everything else. Machines point to the Samba DNS servers, which forward to BIND for non-domain queries. Not an ideal solution perhaps but one which definitely works, solved every issue we encountered and is completely transparent to the users.

regards,
John

On 29/02/16 07:40, Rowland penny wrote:
> On 28/02/16 20:25, John Gardeniers wrote:
>> Hi Rowland,
>>
>> Would you care to elaborate on that last sentence? I've not seen that
>> mentioned before and I'm very curious about your reasons for saying
>> it, especially as we're using internal DNS for our two DCs.
>>
>> regards,
>> John
>
> OK, two main reasons, I have never used the internal dns server and I
> have never had any real dns problems, read a lot of posts from people
> who have, but they use the internal dns server. The second reason is
> that the internal dns server seems to ignore the SOA record for the
> second DC (note that you have to add this manually). Bind9 does see
> both SOA records and the second DC is authoritative for the domain if
> the first DC goes down for any reason, this doesn't happen with the
> internal dns server.
>
> Rowland
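
Added example, not part of the thread: the `wbinfo -u | grep dns` check suggested above matches any account whose name contains "dns", so this sketch keeps only names of the exact form dns-<hostname> described in that reply. The domain SAMDOM, the hosts dc1/dc2 and the other account names are constructed sample data, and the optional DOMAIN\ prefix on each line is an assumption about the local winbind settings.

```shell
#!/bin/sh
# Read `wbinfo -u` output on stdin and print the <hostname> part of every
# account named exactly dns-<hostname> (the account the thread associates
# with a DC running Bind9). Other names that merely contain "dns" are ignored.
bind_dlz_hosts() {
    awk '{
        name = $0
        sub(/\r$/, "", name)       # tolerate CRLF line endings
        sub(/^.*\\/, "", name)     # drop an optional DOMAIN\ prefix (assumption)
        if (tolower(name) ~ /^dns-[a-z0-9-]+$/)
            print substr(name, 5)  # text after "dns-"
    }' | sort -u
}

# Constructed sample of `wbinfo -u` output, not taken from a real DC.
sample_wbinfo_output() {
    cat <<'EOF'
SAMDOM\administrator
SAMDOM\krbtgt
SAMDOM\dnsadmin
SAMDOM\dns-dc1
SAMDOM\jdns-test
SAMDOM\dns-dc2
EOF
}

# Summarise the result in one line; exit status 1 means no such account.
report_dns_accounts() {
    hosts=$(bind_dlz_hosts | tr '\n' ' ')
    if [ -n "$hosts" ]; then
        echo "dns-<hostname> accounts found for: $hosts"
    else
        echo "no dns-<hostname> account found"
        return 1
    fi
}

# On a DC:   wbinfo -u | report_dns_accounts
# Offline demonstration with the constructed sample:
sample_wbinfo_output | report_dns_accounts
```
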