Difference between revisions of "Changing the DNS Back End of a Samba AD DC"

m (Fix link)
m (/* minor update)
Line 18: Line 18:
 
  # /usr/local/samba/sbin/samba_upgradedns --dns-backend=BIND9_DLZ
 
  # /usr/local/samba/sbin/samba_upgradedns --dns-backend=BIND9_DLZ
  
* Change the "server services" parameter. There are two ways to enable BIND_DLZ and disable the internal DNS:
+
* Change the "server services" parameter. There are three ways to enable BIND_DLZ and disable the internal DNS:
 
:1st way: If do not have this parameter in your smb.conf, add it just with the "-dns" option. All other values are taken from the defaults (see man page).
 
:1st way: If do not have this parameter in your smb.conf, add it just with the "-dns" option. All other values are taken from the defaults (see man page).
 
  server services = -dns
 
  server services = -dns
:2nd way: Change the "dns" option to "-dns":
+
:2nd way: If do not have this parameter in your smb.conf, add this line:
  server services = ........ <s>dns</s> -dns
+
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
 +
:3rd way: If you do have this parameter in your smb.conf, Remove the "dns" option:
 +
  server services = ........ <s>dns</s>  
  
 
* Enable automatic startup of BIND at boot time, e. g. by using "chkconfig", "systemctl", etc. - depending on your distribution.
 
* Enable automatic startup of BIND at boot time, e. g. by using "chkconfig", "systemctl", etc. - depending on your distribution.

Revision as of 12:53, 1 September 2016

Introduction

During the provisioning step of a new Samba Active Directory Domain Controller, you decided which DNS backend, if any, should be used: The internal DNS or BIND_DLZ. In some cases, it might be necessary to revise this decision because of problems, limitations or other reasons. In the following, we will describe how to change the DNS backend on a Samba AD Domain Controller.

See the host information used in documentation page for used paths, hostnames, etc.



Changing from Samba internal DNS to BIND_DLZ

  • Shutdown Samba
  • Migrate the backend to BIND_DLZ
# /usr/local/samba/sbin/samba_upgradedns --dns-backend=BIND9_DLZ
  • Change the "server services" parameter. There are three ways to enable BIND_DLZ and disable the internal DNS:
1st way: If do not have this parameter in your smb.conf, add it just with the "-dns" option. All other values are taken from the defaults (see man page).
server services = -dns
2nd way: If do not have this parameter in your smb.conf, add this line:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
3rd way: If you do have this parameter in your smb.conf, Remove the "dns" option:
server services = ........ dns 
  • Enable automatic startup of BIND at boot time, e. g. by using "chkconfig", "systemctl", etc. - depending on your distribution.
  • Start BIND
  • Start Samba



Changing from BIND_DLZ to Samba internal DNS

  • Shutdown BIND
  • Disable automatic startup of BIND at boot time, e. g. by using "chkconfig", "systemctl", etc. - depending on your distribution.
  • Shutdown Samba
  • Migrate the backend to Samba internal DNS
# /usr/local/samba/sbin/samba_upgradedns --dns-backend=SAMBA_INTERNAL
  • Change the "server services" parameter. there are three ways to disable BIND_DLZ and enable the internal DNS:
1st way: The internal DNS is part of the "server services" defaults (see man page). Remove the "service services" parameter completely, only do this if the other options are also defaults.
server services = ..... dns
2nd way: Add the "dns" option to the "server services" parameter:
server services = ..... dns
3rd way: Change the "-dns" option to "dns":
server services = ........ -dns dns
  • Start Samba