On 07/04/16 16:12, Sonic wrote:
> On Thu, Apr 7, 2016 at 11:00 AM, Sketch <smblist at rednsx.org> wrote:
>> My guess would be not much, because BIND9_DLZ exists and (mostly) gives you
>> the best of both worlds.
> Which does bring up a question. It seems that outside of a feature or
> two and some added flexibility that there is, at the core, no
> difference between Samba's internal DNS and BIND9_DLZ as there are no
> text editable BIND zone files for the AD domain, it's more like BIND
> is just the frontend serving up the data on port 53.
No, Bind isn't just a front end, there are zone files, but you just
don't see them because they are in memory.
Apr 7 16:46:04 dc1 named[19554]: Loading 'AD DNS Zone' using driver dlopen
Apr 7 16:46:05 dc1 named[19554]: samba_dlz: started for DN DC=samdom,DC=example,DC=com
Apr 7 16:46:05 dc1 named[19554]: samba_dlz: starting configure
Apr 7 16:46:05 dc1 named[19554]: samba_dlz: configured writeable zone '0.168.192.in-addr.arpa'
Apr 7 16:46:05 dc1 named[19554]: samba_dlz: configured writeable zone 'samdom.example.com'
Apr 7 16:46:05 dc1 named[19554]: samba_dlz: configured writeable zone '_msdcs.samdom.example.com'
Rowland
>
> So to keep things simple as in the other scenario with the Windows
> server, if I plan to use Unbound as the cache for all of the clients,
> I can stub-zone to Samba4 for the AD domain records. The Samba4 AD
> points to itself and uses Unbound as the forwarder. Seems simpler than
> putting BIND in the middle, as I don't know if it's buying me
> anything.
>