Changing the DNS Back End of a Samba AD DC: Difference between revisions

From SambaWiki
(Rewrote page. Clearer structure.)
m (spelling mistake correction)
 
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
__TOC__

= Introduction =
= Introduction =


Samba enables you to change switch between the <code>INTERNAL_DNS</code> and <code>BIND9_DLZ</code> DNS back end on your Active Directory (AD) domain controller (DC) without loosing data.
Samba enables you to change switch between the <code>INTERNAL_DNS</code> and <code>BIND9_DLZ</code> DNS back end on your Active Directory (AD) domain controller (DC) without losing data.






= Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End =
= Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End =
Line 23: Line 21:
:* If you have a <code>server services</code> parameter, remove the <code>dns</code> option. For example:
:* If you have a <code>server services</code> parameter, remove the <code>dns</code> option. For example:


server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate<s>, dns</s>
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate


:* If you do not have a <code>server services</code> parameter, add the following line:
:* If you do not have a <code>server services</code> parameter, add the following line:
Line 55: Line 53:
* Use one of the following ways to disable the <code>BIND9_DLZ</code> module in your <code>smb.conf</code> file::
* Use one of the following ways to disable the <code>BIND9_DLZ</code> module in your <code>smb.conf</code> file::


:* Replace the <code>-dns</code> with the <code>dns</code> option in the <code>server services</code> parameter. For example:

server services = 3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate<s>, -dns</s> dns


:* The internal DNS is one of the default settings of the <code>server services</code> parameter. Remove the <code>-dns</code> option to disable the <code>BIND9_DLZ</code> module. For example:
* If you have a <code>server services</code> parameter, add the <code>dns</code> option. For example:


server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate<s>, dns</s>
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns


:* If you only have the <code>-dns</code> option listed in the <code>server services</code> parameter, remove the entire parameter:
* If you only have the <code>-dns</code> option listed in the <code>server services</code> parameter, remove the entire parameter:


<s>server services = -dns</s>
<s>server services = -dns</s>
Line 70: Line 65:




{{Imbox
| type = note
| text = The internal DNS is one of the default settings of the <code>server services</code> parameter. Removing the <code>server services</code> parameter enables all the default servers including the DNS server.
}}
:






----
----
[[Category:Configuration]]
[[Category:Active Directory]]
[[Category:DNS]]
[[Category:DNS]]

Latest revision as of 18:49, 1 November 2023

Introduction

Samba enables you to change switch between the INTERNAL_DNS and BIND9_DLZ DNS back end on your Active Directory (AD) domain controller (DC) without losing data.

Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End

Run on your domain controller (DC):

  • Shut down the Samba service.
  • Migrate the back end:
# samba_upgradedns --dns-backend=BIND9_DLZ
  • Use one of the following ways to disable the internal DNS in your smb.conf file:
  • If you have a server services parameter, remove the dns option. For example:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
  • If you do not have a server services parameter, add the following line:
server services = -dns
  • Enable the BIND service to start at boot time. See your distribution's documentation for details.
  • Start the BIND service.
  • Start the Samba service.



Changing From the BIND9_DLZ Back End to the Samba Internal DNS Server

Run on your domain controller (DC):

  • Shut down the BIND service.
  • Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details.
  • Shut down the Samba service.
  • Migrate the back end:
# samba_upgradedns --dns-backend=SAMBA_INTERNAL
  • Use one of the following ways to disable the BIND9_DLZ module in your smb.conf file::


  • If you have a server services parameter, add the dns option. For example:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
  • If you only have the -dns option listed in the server services parameter, remove the entire parameter:
server services = -dns
  • Start the Samba service.