Changing the DNS Back End of a Samba AD DC: Difference between revisions
From SambaWiki
Mmuehlfeld (talk | contribs) m (Fix link) |
Rayk sland (talk | contribs) m (spelling mistake correction) |
||
(14 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
__TOC__ |
|||
= Introduction = |
= Introduction = |
||
Samba enables you to change switch between the <code>INTERNAL_DNS</code> and <code>BIND9_DLZ</code> DNS back end on your Active Directory (AD) domain controller (DC) without losing data. |
|||
During the provisioning step of a new [[Setup_a_Samba_Active_Directory_Domain_Controller|Samba Active Directory Domain Controller]], you may have chose the internal DNS or BIND_DLZ as the DNS backend. Sometimes it is necessary to revise this decision, this may be because of problems, limitations or other reasons. |
|||
⚫ | |||
Run on your domain controller (DC): |
|||
* Set up and configure the <code>BIND9_DLZ</code> back end. For details, see [[BIND9_DLZ_DNS_Back_End|BIND9_DLZ Back End]]. |
|||
* Shut down the Samba service. |
|||
* Migrate the back end: |
|||
⚫ | |||
* Use one of the following ways to disable the internal DNS in your <code>smb.conf</code> file: |
|||
:* If you have a <code>server services</code> parameter, remove the <code>dns</code> option. For example: |
|||
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate |
|||
:* If you do not have a <code>server services</code> parameter, add the following line: |
|||
⚫ | |||
* Enable the BIND service to start at boot time. See your distribution's documentation for details. |
|||
⚫ | |||
⚫ | |||
This guide provides you with the required information to change the DNS backend on a Domain Controller. |
|||
= Server information used in this HowTo = |
|||
Installation Directory: /usr/local/samba/ |
|||
⚫ | |||
Run on your domain controller (DC): |
|||
* Shut down the BIND service. |
|||
⚫ | |||
* Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details. |
|||
* [[Configure_BIND_as_backend_for_Samba_AD|Setup BIND]] |
|||
* |
* Shut down the Samba service. |
||
* Migrate |
* Migrate the back end: |
||
⚫ | |||
⚫ | |||
* Remove the 'dns' option from the 'server services = ' parameter in your smb.conf, or change it to '-dns': |
|||
⚫ | |||
* Use one of the following ways to disable the <code>BIND9_DLZ</code> module in your <code>smb.conf</code> file:: |
|||
⚫ | |||
⚫ | |||
* If you have a <code>server services</code> parameter, add the <code>dns</code> option. For example: |
|||
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns |
|||
* If you only have the <code>-dns</code> option listed in the <code>server services</code> parameter, remove the entire parameter: |
|||
⚫ | |||
⚫ | |||
⚫ | |||
* Shutdown BIND |
|||
{{Imbox |
|||
* Shutdown Samba |
|||
| type = note |
|||
| text = The internal DNS is one of the default settings of the <code>server services</code> parameter. Removing the <code>server services</code> parameter enables all the default servers including the DNS server. |
|||
}} |
|||
: |
|||
* Migrate to Samba Internal DNS: |
|||
⚫ | |||
* Add 'dns' option to the 'server services = ' parameter in your smb.conf: |
|||
⚫ | |||
---- |
|||
⚫ | |||
[[Category:Active Directory]] |
|||
[[Category:DNS]] |
Latest revision as of 18:49, 1 November 2023
Introduction
Samba enables you to change switch between the INTERNAL_DNS
and BIND9_DLZ
DNS back end on your Active Directory (AD) domain controller (DC) without losing data.
Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End
Run on your domain controller (DC):
- Set up and configure the
BIND9_DLZ
back end. For details, see BIND9_DLZ Back End.
- Shut down the Samba service.
- Migrate the back end:
# samba_upgradedns --dns-backend=BIND9_DLZ
- Use one of the following ways to disable the internal DNS in your
smb.conf
file:
- If you have a
server services
parameter, remove thedns
option. For example:
- If you have a
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
- If you do not have a
server services
parameter, add the following line:
- If you do not have a
server services = -dns
- Enable the BIND service to start at boot time. See your distribution's documentation for details.
- Start the BIND service.
- Start the Samba service.
Changing From the BIND9_DLZ Back End to the Samba Internal DNS Server
Run on your domain controller (DC):
- Shut down the BIND service.
- Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details.
- Shut down the Samba service.
- Migrate the back end:
# samba_upgradedns --dns-backend=SAMBA_INTERNAL
- Use one of the following ways to disable the
BIND9_DLZ
module in yoursmb.conf
file::
- If you have a
server services
parameter, add thedns
option. For example:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
- If you only have the
-dns
option listed in theserver services
parameter, remove the entire parameter:
server services = -dns
- Start the Samba service.
![]() | The internal DNS is one of the default settings of the server services parameter. Removing the server services parameter enables all the default servers including the DNS server. |