On Wed, Apr 6, 2016 at 5:13 PM, Rowland penny <rpenny at samba.org> wrote:> Your DC needs to be authoritative for your AD domain, this is *not* a Samba > thing, it is an AD thing.What about: http://www.serverlab.ca/tutorials/linux/network-services/using-linux-bind-dns-servers-for-active-directory-domains/ ?
On Thu, 7 Apr 2016, Sonic wrote:> On Wed, Apr 6, 2016 at 5:13 PM, Rowland penny <rpenny at samba.org> wrote: >> Your DC needs to be authoritative for your AD domain, this is *not* a Samba >> thing, it is an AD thing. > > What about: http://www.serverlab.ca/tutorials/linux/network-services/using-linux-bind-dns-servers-for-active-directory-domains/ > ?Your DC needs to be authoratative for your AD domain, unless you want to manually maintain its records in DNS. The docs on the website cover the normal use case, but there is some flexibility there for people who don't mind doing extra work.
On 07/04/16 15:19, Sonic wrote:> On Wed, Apr 6, 2016 at 5:13 PM, Rowland penny <rpenny at samba.org> wrote: >> Your DC needs to be authoritative for your AD domain, this is *not* a Samba >> thing, it is an AD thing. > What about: http://www.serverlab.ca/tutorials/linux/network-services/using-linux-bind-dns-servers-for-active-directory-domains/ > ?First and foremost, this is your domain, so you can do what you want with it, but I wouldn't use anything that didn't rely on the dns info stored in AD. I would also point out, that website is not a Samba or Microsoft website and as such I cannot recommend using it. If you want to use it, you will have rely on help from the page you linked to. If you use the internal dns server, or better still, Bind9 dlz, you get (just like Windows) multi-master dns with dns info replicated between the DCs. You will not get this with the setup you posted, in fact, you may get a single point of failure. This is my opinion, yours may differ. Rowland
On Thu, Apr 7, 2016 at 10:34 AM, Rowland penny <rpenny at samba.org> wrote:> First and foremost, this is your domain, so you can do what you want with > it, but I wouldn't use anything that didn't rely on the dns info stored in > AD. I would also point out, that website is not a Samba or Microsoft website > and as such I cannot recommend using it.Microsoft does have some info: https://social.technet.microsoft.com/Forums/windowsserver/en-US/f90eb354-aa57-4d6b-b86b-3bab7910ca78/pure-windows-2008-r2-domain-with-bind-dns-server https://technet.microsoft.com/en-us/library/dd316373.aspx Trying to get an idea if much of this has been explored by Samba 4 users.