On 07/05/2019 01:43 PM, Rowland penny via samba wrote:> On 05/07/2019 18:59, Robert A Wooldridge via samba wrote: >> Is it necessary to use Samba's DNS when configuring as a domain >> controller?? Can a DNS server be used on a different machine? >> > The dns server must be authoritative for the AD dns domain but you do > not need to use the Samba internal dns server, you can use Bind9 > instead, but it must run on the DC. > > Why are you asking ?I currently run tinydns and dnscache on my proxy machine.? I was hoping to keep that going.? I have a Windows Server2004 doing DC work right now.? Need to update that. -- Bob Wooldridge
On 05/07/2019 19:48, Robert A Wooldridge via samba wrote:> On 07/05/2019 01:43 PM, Rowland penny via samba wrote: >> On 05/07/2019 18:59, Robert A Wooldridge via samba wrote: >>> Is it necessary to use Samba's DNS when configuring as a domain >>> controller?? Can a DNS server be used on a different machine? >>> >> The dns server must be authoritative for the AD dns domain but you do >> not need to use the Samba internal dns server, you can use Bind9 >> instead, but it must run on the DC. >> >> Why are you asking ? > I currently run tinydns and dnscache on my proxy machine.? I was > hoping to keep that going.? I have a Windows Server2004 doing DC work > right now.? Need to update that. > > -- > Bob Wooldridge >You can run a caching nameserver that forwards your AD dns zones to your AD DC, but you can only use the Samba internal dns server or Bind9 with a Samba AD DC. This is because the dns server must be able to update the records in AD and they are the only two that can. Rowland
On 07/05/2019 01:55 PM, Rowland penny via samba wrote:> I currently run tinydns and dnscache on my proxy machine.? I was > hoping to keep that going.? I have a Windows Server2004 doing DC work > right now.? Need to update that. >> >> -- >> Bob Wooldridge >> > You can run a caching nameserver that forwards your AD dns zones to > your AD DC, but you can only use the Samba internal dns server or > Bind9 with a Samba AD DC. This is because the dns server must be able > to update the records in AD and they are the only two that can.Can you point me to some document that explains how caching would work with samba's dns in the manor you are suggesting? -- Bob Wooldridge