Changing the DNS Back End of a Samba AD DC

From SambaWiki
Revision as of 01:02, 12 October 2016 by Mmuehlfeld (Mmuehlfeld moved page Changing the DNS backend to Changing the DNS Back End: Updated title)

Introduction

During the provisioning of a new Samba Active Directory Domain Controller, you decided which DNS backend, if any, should be used: the internal DNS or BIND_DLZ. In some cases, it might be necessary to revise this decision because of problems, limitations or other reasons. The following describes how to change the DNS backend on a Samba AD Domain Controller.

See the "host information used in documentation" page for the paths, hostnames, etc. used here.



Changing from Samba internal DNS to BIND_DLZ

  • Shut down Samba
  • Migrate the backend to BIND_DLZ
# /usr/local/samba/sbin/samba_upgradedns --dns-backend=BIND9_DLZ
  • Change the "server services" parameter in your smb.conf. There are three ways to enable BIND_DLZ and disable the internal DNS:
1st way: If you do not have this parameter in your smb.conf, add it with just the "-dns" option. All other values are taken from the defaults (see man page).
server services = -dns
2nd way: If you do not have this parameter in your smb.conf, add this line:
server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, drepl, winbindd, ntp_signd, kcc, dnsupdate
3rd way: If you do have this parameter in your smb.conf, remove the "dns" option from it (the line is shown here before the change):
server services = ........ dns
  • Enable automatic startup of BIND at boot time, e.g. by using "chkconfig", "systemctl", etc., depending on your distribution.
  • Start BIND
  • Start Samba



Changing from BIND_DLZ to Samba internal DNS

  • Shut down BIND
  • Disable automatic startup of BIND at boot time, e.g. by using "chkconfig", "systemctl", etc., depending on your distribution.
  • Shut down Samba
  • Migrate the backend to Samba internal DNS
# /usr/local/samba/sbin/samba_upgradedns --dns-backend=SAMBA_INTERNAL
  • Change the "server services" parameter in your smb.conf. There are three ways to disable BIND_DLZ and enable the internal DNS:
1st way: The internal DNS is part of the "server services" defaults (see man page). Remove the "server services" parameter completely. Only do this if the other options are also defaults.
server services = ..... dns
2nd way: Add the "dns" option to the "server services" parameter:
server services = ..... dns
3rd way: Change the "-dns" option to "dns" (the line below shows the old "-dns" followed by its replacement "dns"):
server services = ........ -dns dns
  • Start Samba
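
A check that can be run after editing smb.conf in either procedure above and before starting Samba again, to confirm that the effective "server services" value fits the backend passed to samba_upgradedns. This is an added example, not part of the wiki page or of Samba; the function names dns_service_state and check_backend are hypothetical. It assumes the defaults are the explicit list from the "2nd way" above plus "dns", and it treats a list that mixes +/- entries with plain names as invalid.

```sh
#!/bin/sh
# Added example. Assumption: the defaults are the page's explicit list plus "dns".
DEFAULT_SERVICES="s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns"

# Print "enabled" or "disabled" for the internal DNS service configured in smb.conf $1.
# Exits 2 if the list mixes +/- modifiers with plain names (treated as invalid here).
dns_service_state() {
    awk -v defaults="$DEFAULT_SERVICES" '
    /^[ \t]*[#;]/ { next }                                   # skip comment lines
    /^[ \t]*\[/   { in_global = (tolower($0) ~ /^[ \t]*\[global\]/); next }
    in_global && (eq = index($0, "=")) {
        key = tolower(substr($0, 1, eq - 1))
        gsub(/[ \t]+/, " ", key); gsub(/^ | $/, "", key)
        if (key == "server services") value = tolower(substr($0, eq + 1))
    }
    END {
        gsub(/,/, " ", value)
        n = split(value, item, " ")
        for (i = 1; i <= n; i++) {
            if (item[i] ~ /^[+-]/) nmod++
            else nplain++
        }
        if (nmod && nplain) exit 2
        # A plain list replaces the defaults; modifiers (or no line) start from them.
        dns = nplain ? 0 : ((" " defaults " ") ~ / dns /)
        for (i = 1; i <= n; i++) {
            if (item[i] == "dns" || item[i] == "+dns") dns = 1
            if (item[i] == "-dns") dns = 0
        }
        print (dns ? "enabled" : "disabled")
    }' "$1"
}

# Return 0 when smb.conf $1 fits the backend name $2 given to samba_upgradedns.
check_backend() {
    state=$(dns_service_state "$1") || { echo "$1: mixed +/- and plain entries" >&2; return 2; }
    case "$2:$state" in
        SAMBA_INTERNAL:enabled|BIND9_DLZ:disabled) return 0 ;;
        *) echo "$1: dns service is $state, which does not fit $2" >&2; return 1 ;;
    esac
}

# Constructed sample smb.conf (not from the page), using the "1st way" for BIND_DLZ.
sample=$(mktemp)
printf '[global]\n\trealm = SAMDOM.EXAMPLE.COM\n\tserver services = -dns\n' > "$sample"
check_backend "$sample" BIND9_DLZ && echo "smb.conf fits BIND9_DLZ"
rm -f "$sample"
```

A non-zero return from check_backend means the smb.conf edit and the samba_upgradedns migration disagree, so the internal DNS would either still be started alongside BIND or not be started at all.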