Difference between revisions of "Changing the DNS Back End of a Samba AD DC"

m (Introduction)
m (/* typo & minor changes)
 
(16 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
__TOC__
 +
 
= Introduction =
 
= Introduction =
  
During the provisioning step of a new [[Samba_AD_DC_HOWTO|Samba Active Directory Domain Controller]], you may have chose the internal DNS or BIND_DLZ as the DNS backend. Sometimes it is necessary to revise this decision, this may be because of problems, limitations or other reasons.
+
Samba enables you to change switch between the <code>INTERNAL_DNS</code> and <code>BIND9_DLZ</code> DNS back end on your Active Directory (AD) domain controller (DC) without loosing data.
 +
 
 +
 
 +
 
 +
 
 +
 
 +
= Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End =
 +
 
 +
Run on your domain controller (DC):
 +
 
 +
* Set up and configure the <code>BIND9_DLZ</code> back end. For details, see [[BIND9_DLZ_DNS_Back_End|BIND9_DLZ Back End]].
 +
 
 +
* Shut down the Samba service.
 +
 
 +
* Migrate the back end:
 +
 
 +
# samba_upgradedns --dns-backend=BIND9_DLZ
 +
 
 +
* Use one of the following ways to disable the internal DNS in your <code>smb.conf</code> file:
 +
 
 +
:* If you have a <code>server services</code> parameter, remove the <code>dns</code> option. For example:
 +
 
 +
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
 +
 
 +
:* If you do not have a <code>server services</code> parameter, add the following line:
 +
 
 +
server services = -dns
 +
 
 +
* Enable the BIND service to start at boot time. See your distribution's documentation for details.
 +
 
 +
* Start the BIND service.
  
This guide provides you with the required information to change the DNS backend on a Domain Controller.
+
* Start the Samba service.
  
= Server information used in this HowTo =
 
  
Installation Directory:    /usr/local/samba/
 
  
  
  
 +
= Changing From the BIND9_DLZ Back End to the Samba Internal DNS Server =
  
 +
Run on your domain controller (DC):
  
= Changing from Samba Internal DNS to BIND_DLZ =
+
* Shut down the BIND service.
  
* [[DNS_Backend_BIND|Setup BIND]]
+
* Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details.
  
* Shutdown Samba
+
* Shut down the Samba service.
  
* Migrate to BIND9_DLZ:
+
* Migrate the back end:
/usr/local/samba/sbin/samba_upgradedns --dns-backend=BIND9_DLZ
 
  
* Remove the 'dns' option from the 'server services = ' parameter in your smb.conf, or change it to '-dns':
+
# samba_upgradedns --dns-backend=SAMBA_INTERNAL
server services = ........ -dns
 
  
* Start BIND
+
* Use one of the following ways to disable the <code>BIND9_DLZ</code> module in your <code>smb.conf</code> file::
  
* Start Samba
 
  
 +
* If you have a <code>server services</code> parameter, add the <code>dns</code> option. For example:
  
 +
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
  
 +
* If you only have the <code>-dns</code> option listed in the <code>server services</code> parameter, remove the entire parameter:
  
 +
<s>server services = -dns</s>
  
= Changing from BIND_DLZ to Samba Internal DNS =
+
* Start the Samba service.
  
* Shutdown BIND
 
  
* Shutdown Samba
+
{{Imbox
 +
| type = note
 +
| text = The internal DNS is one of the default settings of the <code>server services</code> parameter. Removing the <code>server services</code> parameter enables all the default servers including the DNS server.
 +
}}
 +
:
  
* Migrate to Samba Internal DNS:
 
/usr/local/samba/sbin/samba_upgradedns --dns-backend=SAMBA_INTERNAL
 
  
* Add 'dns' option to the 'server services = ' parameter in your smb.conf:
 
server services = ........ dns
 
  
* Start Samba
+
----
 +
[[Category:Active Directory]]
 +
[[Category:DNS]]

Latest revision as of 15:08, 20 March 2018

Introduction

Samba enables you to change switch between the INTERNAL_DNS and BIND9_DLZ DNS back end on your Active Directory (AD) domain controller (DC) without loosing data.



Changing From the Samba Internal DNS Server to the BIND9_DLZ Back End

Run on your domain controller (DC):

  • Shut down the Samba service.
  • Migrate the back end:
# samba_upgradedns --dns-backend=BIND9_DLZ
  • Use one of the following ways to disable the internal DNS in your smb.conf file:
  • If you have a server services parameter, remove the dns option. For example:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
  • If you do not have a server services parameter, add the following line:
server services = -dns
  • Enable the BIND service to start at boot time. See your distribution's documentation for details.
  • Start the BIND service.
  • Start the Samba service.



Changing From the BIND9_DLZ Back End to the Samba Internal DNS Server

Run on your domain controller (DC):

  • Shut down the BIND service.
  • Disable the automatic start of the BIND service at boot time. See your distribution's documentation for details.
  • Shut down the Samba service.
  • Migrate the back end:
# samba_upgradedns --dns-backend=SAMBA_INTERNAL
  • Use one of the following ways to disable the BIND9_DLZ module in your smb.conf file::


  • If you have a server services parameter, add the dns option. For example:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate, dns
  • If you only have the -dns option listed in the server services parameter, remove the entire parameter:
server services = -dns
  • Start the Samba service.