Changing the DNS Back End of a Samba AD DC: Difference between revisions
From SambaWiki
Mmuehlfeld (talk | contribs) m (Fixed link) |
m (/* typo & minor changes) |
||
(6 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
__TOC__ |
|||
= Introduction = |
= Introduction = |
||
Samba enables you to change switch between the <code>INTERNAL_DNS</code> and <code>BIND9_DLZ</code> DNS back end on your Active Directory (AD) domain controller (DC) without loosing data. |
|||
During the provisioning step of a new [[Setup_a_Samba_Active_Directory_Domain_Controller|Samba Active Directory Domain Controller]], you decided which DNS backend, if any, should be used: The internal DNS or BIND_DLZ. In some cases, it might be necessary to revise this decision because of problems, limitations or other reasons. In the following, we will describe how to change the DNS backend on a Samba AD Domain Controller. |
|||
'''See the [[Host_information_used_in_documentation|host information used in documentation]] page for used paths, hostnames, etc.''' |
|||
= Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End = |
|||
Run on your domain controller (DC): |
|||
= Changing from Samba internal DNS to BIND_DLZ = |
|||
* Set up and configure the <code>BIND9_DLZ</code> back end. For details, see [[BIND9_DLZ_DNS_Back_End|BIND9_DLZ Back End]]. |
|||
* [[Configuring_BIND9_DLZ_as_Back_End_for_Samba_AD|Setup BIND]] |
|||
* |
* Shut down the Samba service. |
||
* Migrate the |
* Migrate the back end: |
||
# |
# samba_upgradedns --dns-backend=BIND9_DLZ |
||
* Use one of the following ways to disable the internal DNS in your <code>smb.conf</code> file: |
|||
:* If you have a <code>server services</code> parameter, remove the <code>dns</code> option. For example: |
|||
* Change the "server services" parameter. There are three ways to enable BIND_DLZ and disable the internal DNS: |
|||
:1st way: If do not have this parameter in your smb.conf, add it just with the "-dns" option. All other values are taken from the defaults (see man page). |
|||
⚫ | |||
:2nd way: If do not have this parameter in your smb.conf, add this line: |
|||
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate |
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate |
||
:3rd way: If you do have this parameter in your smb.conf, Remove the "dns" option: |
|||
⚫ | |||
:* If you do not have a <code>server services</code> parameter, add the following line: |
|||
* Enable automatic startup of BIND at boot time, e. g. by using "chkconfig", "systemctl", etc. - depending on your distribution. |
|||
⚫ | |||
* Enable the BIND service to start at boot time. See your distribution's documentation for details. |
|||
⚫ | |||
⚫ | |||
= Changing From the BIND9_DLZ Back End to the Samba Internal DNS Server = |
|||
Run on your domain controller (DC): |
|||
⚫ | |||
* Shut down the BIND service. |
|||
⚫ | |||
* Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details. |
|||
* Shut down the Samba service. |
|||
* Migrate the back end: |
|||
⚫ | |||
* Use one of the following ways to disable the <code>BIND9_DLZ</code> module in your <code>smb.conf</code> file:: |
|||
= Changing from BIND_DLZ to Samba internal DNS = |
|||
* Shutdown BIND |
|||
* If you have a <code>server services</code> parameter, add the <code>dns</code> option. For example: |
|||
* Disable automatic startup of BIND at boot time, e. g. by using "chkconfig", "systemctl", etc. - depending on your distribution. |
|||
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns |
|||
* Shutdown Samba |
|||
* If you only have the <code>-dns</code> option listed in the <code>server services</code> parameter, remove the entire parameter: |
|||
* Migrate the backend to Samba internal DNS |
|||
⚫ | |||
⚫ | |||
* Change the "server services" parameter. there are three ways to disable BIND_DLZ and enable the internal DNS: |
|||
:1st way: The internal DNS is part of the "server services" defaults (see man page). Remove the "service services" parameter completely, only do this if the other options are also defaults. |
|||
<s>server services = ..... dns</s> |
|||
:2nd way: Add the "dns" option to the "server services" parameter: |
|||
server services = ..... dns |
|||
:3rd way: Change the "-dns" option to "dns": |
|||
server services = ........ <s>-dns</s> dns |
|||
* Start Samba |
* Start the Samba service. |
||
{{Imbox |
|||
| type = note |
|||
| text = The internal DNS is one of the default settings of the <code>server services</code> parameter. Removing the <code>server services</code> parameter enables all the default servers including the DNS server. |
|||
}} |
|||
: |
|||
---- |
---- |
||
[[Category: |
[[Category:Active Directory]] |
||
[[Category:DNS]] |
[[Category:DNS]] |
Revision as of 15:08, 20 March 2018
Introduction
Samba enables you to change switch between the INTERNAL_DNS
and BIND9_DLZ
DNS back end on your Active Directory (AD) domain controller (DC) without loosing data.
Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End
Run on your domain controller (DC):
- Set up and configure the
BIND9_DLZ
back end. For details, see BIND9_DLZ Back End.
- Shut down the Samba service.
- Migrate the back end:
# samba_upgradedns --dns-backend=BIND9_DLZ
- Use one of the following ways to disable the internal DNS in your
smb.conf
file:
- If you have a
server services
parameter, remove thedns
option. For example:
- If you have a
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
- If you do not have a
server services
parameter, add the following line:
- If you do not have a
server services = -dns
- Enable the BIND service to start at boot time. See your distribution's documentation for details.
- Start the BIND service.
- Start the Samba service.
Changing From the BIND9_DLZ Back End to the Samba Internal DNS Server
Run on your domain controller (DC):
- Shut down the BIND service.
- Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details.
- Shut down the Samba service.
- Migrate the back end:
# samba_upgradedns --dns-backend=SAMBA_INTERNAL
- Use one of the following ways to disable the
BIND9_DLZ
module in yoursmb.conf
file::
- If you have a
server services
parameter, add thedns
option. For example:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
- If you only have the
-dns
option listed in theserver services
parameter, remove the entire parameter:
server services = -dns
- Start the Samba service.
The internal DNS is one of the default settings of the server services parameter. Removing the server services parameter enables all the default servers including the DNS server. |