samba - Jul 2023 - Samba shares and samba server residing on different physical machines

Well, I set up DNS in my network with two BIND9s external to samba residing on
two boxes. One is my primary DNS for the network and one as a slave to it.When
using the BIND9 backend you have to modify "named.conf " to include
the "/usr/local/.../samba/../named.conf", my question is:since the
slave BIND9-DNS server (for the network) retrieves its zone information (except
127.0.0.1 zone and root.hints) from the primary DNS? I have set up I am a little
bit confused if the zone information the SAMBA 4.17 DC provides can be included
to the slave BIND9 as described in the wiki.
To clarify the setup:
Machine??????? samba version??? BIND9 role
majestix??????? 4.9.x, (old)????????? primary DNS for the network
firix?????????????? 4.17.8 ??????????????? slave to majestix

Am Donnerstag, 6. Juli 2023 um 14:49:38 MESZ hat Rowland Penny via samba
<samba at lists.samba.org> Folgendes geschrieben:
 
 

On 06/07/2023 13:12, E Kogler via samba wrote:
>? Finally I have time to install samba 4.17.8 on my new machine.The join was
successful, but there's a new question popping up:
> I want to use BIND9 backend? for DNS but the new machine is running a
slave-DNS.Can I follow the steps in the wiki as if it was my primary DNS ?
> Edgar
> 
Hi Edgar, unless you are doing something wrong, I think you may be 
misunderstanding a Samba domain and DNS.

Every Samba AD DC runs a a dns server, this could be the built in dns 
server or Bind9. You refer to 'slave-DNS', but there are no
'slaves' in
Samba AD, like Microsoft AD, all dns servers running on a DC are 
masters, this is known as 'multi-master'. As all the dns records are 
stored in AD, you just setup the dns server the same on all DC's.

Any further questions, please ask.

Rowland


-- 
To unsubscribe from this list go to the following URL and read the
instructions:? https://lists.samba.org/mailman/options/samba

On 06/07/2023 14:15, E Kogler via samba wrote:
>   Well, I set up DNS in my network with two BIND9s external to samba
residing on two boxes. One is my primary DNS for the network and one as a slave
to it.When using the BIND9 backend you have to modify "named.conf " to
include the "/usr/local/.../samba/../named.conf", my question is:since
the slave BIND9-DNS server (for the network) retrieves its zone information
(except 127.0.0.1 zone and root.hints) from the primary DNS? I have set up I am
a little bit confused if the zone information the SAMBA 4.17 DC provides can be
included to the slave BIND9 as described in the wiki.
> To clarify the setup:
> Machine??????? samba version??? BIND9 role
> majestix??????? 4.9.x, (old)????????? primary DNS for the network
> firix?????????????? 4.17.8 ??????????????? slave to majestix
> 
Hmm, In a situation like this (where I presume your clients are using 
your 'external' dns servers as their nameservers), anything for the AD 
dns domain should be forwarded to an AD DC. This can however lead to 
problems if the AD dns domain and the 'external' domain are the same.

Or to put it another way, if your 'external' dns servers have the same 
dns domain as the AD domain, then, sorry, but you are doing it wrong.

If your 'external' dns domain is 'example.com', then your AD dns
domain
should be something like 'ad.example.com' and the 'example.com'
dns
servers should forward all requests for 'ad.example.com' to an AD DC, it
should hold no zone records for the 'ad.example.com' domain.

Rowland