similar to: Samba4 with external bind - best practices?

Displaying 20 results from an estimated 20000 matches similar to: "Samba4 with external bind - best practices?"

2016 Jul 26
4
Samba4 with external bind - best practices?
On 26/07/16 09:31, mathias dufresne wrote: > Hi Elias, > > Separating DNS and AD services: > It should be possible to have AD DNS server hosted on a non-DC server. > Samba Wiki explain we just have to include > "/var/lib/samba/private/named.conf" in Bind configuration. This library can > be replaced be one of those shipped with Bind, this library will need >
2016 Jul 27
2
Samba4 with external bind - best practices?
I found this article about separate samba4 and bind. https://quercerjanath.wordpress.com/samba-active-directory-with-bind9-on-separate-machines-ubuntu-14-04/ Em 27/07/2016 9:39 AM, "mathias dufresne" <infractory at gmail.com> escreveu: > 2016-07-26 13:16 GMT+02:00 Rowland penny <rpenny at samba.org>: > > > On 26/07/16 09:31, mathias dufresne wrote: > >
2016 Jul 28
2
Samba4 with external bind - best practices?
Here we (the DNS team of our company, not me ;) chose the zone type forward as it is the way DNS works (one resolver on client system, this resolver will forward requests to others DNS server to get answer) and also because that seemed to them the strongest against failure: there is no data stored on the client resolver, there can't be corrupted data on this DNS server when with masters /
2016 Aug 05
2
Samba4 with external bind - best practices?
You do what you want! The point is the clients must resolve everything. You have two options: A - client resolver is non-DC DNS server: here the non-DC DNS server must be configured to forward DNS requests about AD to AD DNS servers (to DCs) B - client resolver is AD DNS server: here AD DNS server(s) used as resolver(s) must be configured to forward any non-AD DNS request to non-DC DNS server.
2016 Jul 26
0
Samba4 with external bind - best practices?
Hi Elias, Separating DNS and AD services: It should be possible to have AD DNS server hosted on a non-DC server. Samba Wiki explain we just have to include "/var/lib/samba/private/named.conf" in Bind configuration. This library can be replaced be one of those shipped with Bind, this library will need configuration for it can deal with remote DC(s). Please note I never tried that,
2016 Jul 26
0
Samba4 with external bind - best practices?
Thanks Mathias and Rowland for the answers. Rowland, You said: “Use the sub domain for your AD domain and forward anything outside the sub domain to your main DNS servers.” This forward I do on the settings of the bind in Samba4? Something like: acl goodclients { 192.168.1.0/24; localhost; localnets; }; options { directory "/var/cache/bind";
2016 Jul 27
0
Samba4 with external bind - best practices?
Looking over this thread it got me thinking of multiple domains and then thinking maybe it would be better to setup the external DNS as a slave to the AD domain? Then you could have it resolve from the external DNS for multiple AD domains. On Wed, Jul 27, 2016 at 9:32 AM, Elias Pereira <empbilly at gmail.com> wrote: > I found this article about separate samba4 and bind. > >
2016 Jul 27
0
Samba4 with external bind - best practices?
2016-07-26 13:16 GMT+02:00 Rowland penny <rpenny at samba.org>: > On 26/07/16 09:31, mathias dufresne wrote: > >> Hi Elias, >> >> Separating DNS and AD services: >> It should be possible to have AD DNS server hosted on a non-DC server. >> Samba Wiki explain we just have to include >> "/var/lib/samba/private/named.conf" in Bind
2016 Aug 04
0
Samba4 with external bind - best practices?
Guys, In the clients dns settings I configure the Samba4 or external DNS IP? On Thu, Jul 28, 2016 at 5:57 AM, mathias dufresne <infractory at gmail.com> wrote: > Here we (the DNS team of our company, not me ;) chose the zone type forward > as it is the way DNS works (one resolver on client system, this resolver > will forward requests to others DNS server to get answer) and also
2016 Aug 05
0
Samba4 with external bind - best practices?
mathias, I believe I get it. :D The "A" option can be "resolved" with the inclusion of the zone that you suggested me, right? zone "ad.domain.tld" IN { > type forward; > forward only; > forwarders { > <ip of 1st DC>; > <ip of 2nd DC>; > .... > <ip of Nth DC>; > }; > }; And in the "B"
2017 May 16
2
DNS (bind_dlz) forwarding not working
> > Not so much forgetting but not understanding ;-) - Internal DNS that responds to our services (site, moodle, etc) - ns.myinstitution.edu (registered in registro.br) - Samba DNS answering for samba stuff - addc.myinstitution.edu Maybe it's better to use SAMBA_INTERNAL instead of BIND_DLZ? On Tue, May 16, 2017 at 4:29 PM, Rowland Penny via samba < samba at lists.samba.org>
2015 Mar 20
7
Samba AD with external DNS server
Hallo, We have Samba4 (Sernet, Version4.1) on a Debian Wheezy server. There we try to use our Infoblox (It is our primary and secondary DNS server) as an external DNS server for the active directory on the samba4 server. It doesn?t matter which setup option (Samba_internal, bind_dlz, none) we use it doesn?t work. Harry
2017 May 16
2
DNS (bind_dlz) forwarding not working
Hello, I provisioned an samba AD with the bind_dlz option. So far so good. Followed the samba wiki. I have a DNS for our external access services (website, moodle, etc) and I'm using it as a forwarder to AD but it is not working. In a win7 I configured the AD IP as primary DNS and put it in the domain. When I try to access, for example, "wiki.samba.org" it opens normally, but when
2016 Oct 21
7
Bind_DLZ and two AD DC
My first Active Directory setup had two DC's and shortly after getting things going the second DC created a hardware failure issue and I just continued life with one DC. Now, while upgrading I am returning to two DC's. In a normal Bind9 "master and slave" setup the master always "feeds" the slave. With Bind9_DLZ setup (recommended to be used with Samba4) there is
2014 Jun 16
1
Best-practices - BIND9_FLATFILE/BIND9_DLZ or SAMBA_INTERNAL?
I keep seeing different approaches/recommendations as to which DNS services to utilize for an AD controller... what are your recommendations, and why? Thanks very much. -- Jefferson K Davis Technology and Information Systems Manager Standard School District 1200 North Chester Ave Bakersfield, CA 93308 661.392.2110 ext 120 (office) http://district.standard.k12.ca.us District
2019 Dec 18
4
Replication not working for remote Domain Controller
Il giorno mar 17 dic 2019 alle ore 17:49 Rowland penny via samba < samba at lists.samba.org> ha scritto: In the last year this has come up a few times, try reading this > > https://support.microsoft.com/en-gb/help/817470/how-to-reconfigure-an-msdcs-subdomain-to-a-forest-wide-dns-application > It looks like we need a tool to correct AD :-( > Thanks! I will read that article. Do
2017 May 16
2
DNS (bind_dlz) forwarding not working
> > Sorry, must have missed that. No problem! :D OK, your dns domain is 'mydomain.edu' and your AD dns domain is 'addc.mydomain.edu', so far so good, but is the AD REALM set to 'ADDC.MYDOMAIN.EDU <http://addc.mydomain.edu/>' ? Yes, my AD REALM is ADDC.MYDOMAIN.EDU Yes, your AD DC should be the authoritative dns server for the AD dns > domain. ok.
2017 Jun 06
4
How to update the root hints for bind DLZ
Hi, we are running a Samba AD on UCS 4.2, which comes with Samba 4.6.1. The DNS server (192.168.0.200) is operated by bind with the samba DLZ module. It also hosts several zones outside of samba. Every couple of hours, I get messages like these on the server: Jun 5 23:04:58 ucsdc1 daemon:[warning] checkhints: h.root-servers.net/A (198.97.190.53) missing from hints Jun 5 23:04:58 ucsdc1
2017 Jun 08
2
How to update the root hints for bind DLZ
On Thu, 8 Jun 2017 19:19:21 +1000 Amitay Isaacs via samba <samba at lists.samba.org> wrote: > Hi, > > Let me try to clear some confusion. > > On Tue, Jun 6, 2017 at 7:36 PM, Torsten Kurbad via samba < > samba at lists.samba.org> wrote: > Samba's bind-dlz module does not export root hints to BIND named. So > the error you are seeing is an issue with your
2017 May 16
2
DNS (bind_dlz) forwarding not working
Rowland, Seeing as BIND_DLZ uses the same info in AD as SAMBA_INTERNAL does, > then no, using the internal dns server will not make any difference. Ok. Which ever dns server you use, it must be authoritative for the AD > domain and if required it should be a subdomain of your registered > domain, see here: > > https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ >