Samba4/DNS: Difference between revisions

From SambaWiki
#REDIRECT [[BIND9_DLZ_DNS_Back_End]]
= Overview =

This document describes how to set up DNS for Samba 4 on Fedora Core 10. It assumes that Samba is already installed in INSTALL_DIR (e.g. /usr/local/samba). DNS can be installed either on the same machine as Samba or on a separate machine.

= Installation =

<pre>
% yum install bind
</pre>

= Configuration =

== Configuring Domain Zone ==

Copy the zone data file generated by Samba:

<pre>
% cp $INSTALL_DIR/example.com.zone /var/named/dynamic
</pre>

Edit the zone data file /var/named/dynamic/example.com.zone:

<pre>
$ORIGIN example.com.
$TTL 1W
@ IN SOA example.com. root.example.com. (
        01 ; serial
        2D ; refresh
        4H ; retry
        6W ; expiry
        1W ) ; minimum

        IN NS ns1

ns1 IN A 192.168.1.100
samba1 IN A 192.168.1.101

gc._msdcs IN CNAME samba1
27f515e4-f5af-4396-bc93-130013076ab7._msdcs IN CNAME samba1

_gc._tcp IN SRV 0 100 3268 samba1
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 samba1
_ldap._tcp.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 samba1

_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.b168ccf1-d862-4146-8cea-0021f3c88feb IN SRV 0 100 389 samba1
_ldap._tcp.b168ccf1-d862-4146-8cea-0021f3c88feb.domains._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba1

_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._udp IN SRV 0 100 88 samba1

_kerberos-master._tcp IN SRV 0 100 88 samba1
_kerberos-master._udp IN SRV 0 100 88 samba1

_kpasswd._tcp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba1

_kerberos IN TXT EXAMPLE.COM
</pre>

== Configuring Reverse Mapping ==

Create the reverse mapping file /var/named/192.168.1.rev:

<pre>
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 1W
@ IN SOA example.com. root.example.com. (
        01 ; serial
        2D ; refresh
        4H ; retry
        6W ; expiry
        1W ) ; minimum

        IN NS ns1.example.com.

100 IN PTR ns1.example.com.
101 IN PTR samba1.example.com.
</pre>

== Configuring File Ownership ==

Set file ownership:

<pre>
% chown named:named /var/named/dynamic/example.com.zone
% chown named:named /var/named/192.168.1.rev
</pre>

Copy the zone configuration file:

<pre>
% cp $INSTALL_DIR/named.conf /etc/named-samba.conf
% chown named:named /etc/named-samba.conf
</pre>

== Configuring DNS ==

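Edit /etc/named.conf. Comment out the localhost-only listen-on, listen-on-v6 and allow-query lines so that named answers queries from other hosts, and include the Samba zone configuration: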

<pre>
options {
        #listen-on port 53 { 127.0.0.1; };
        #listen-on-v6 port 53 { ::1; };
        #allow-query { localhost; };
        ...
};

include "/etc/named-samba.conf";
</pre>

Edit /etc/named-samba.conf:

<pre>
zone "example.com." IN {
        type master;
        file "/var/named/dynamic/example.com.zone";
};

zone "1.168.192.in-addr.arpa." IN {
        type master;
        file "192.168.1.rev";
};
</pre>

Restart DNS:

<pre>
% service named restart
</pre>

= Multiple Samba Instances =

DNS can be configured to point to several Samba instances for failover.

<pre>
$ORIGIN example.com.
$TTL 1W
@ IN SOA example.com. root.example.com. (
        01 ; serial
        2D ; refresh
        4H ; retry
        6W ; expiry
        1W ) ; minimum
        IN NS ns1

        IN A 192.168.1.101
        IN A 192.168.1.102

ns1 IN A 192.168.1.100
samba1 IN A 192.168.1.101
samba2 IN A 192.168.1.102

gc._msdcs IN CNAME samba1
ff3b280e-6caa-11de-ab0a-e44b8f038cdc._msdcs IN CNAME samba1

_gc._tcp IN SRV 0 100 3268 samba1
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 samba1

_ldap._tcp.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 samba1

_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba2

_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba2

_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1

_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc IN SRV 0 100 389 samba2

_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc.domains._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc.domains._msdcs IN SRV 0 100 389 samba2

_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba2

_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba2

_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp IN SRV 0 100 88 samba2

_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba2

_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba2

_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba2

_kerberos._udp IN SRV 0 100 88 samba1
_kerberos._udp IN SRV 0 100 88 samba2

_kerberos-master._tcp IN SRV 0 100 88 samba1
_kerberos-master._tcp IN SRV 0 100 88 samba2

_kerberos-master._udp IN SRV 0 100 88 samba1
_kerberos-master._udp IN SRV 0 100 88 samba2

_kpasswd._tcp IN SRV 0 100 464 samba1
_kpasswd._tcp IN SRV 0 100 464 samba2

_kpasswd._udp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba2

_kerberos IN TXT EXAMPLE.COM
</pre>
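
An added example, not part of the original wiki page: an offline check of a failover zone like the one above, reporting SRV/CNAME targets that have no A record and service names not yet served by every Samba instance. The parser handles only the simple "owner IN TYPE rdata" lines used on this page; the sample zone, including the dangling samba3 target, is constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed excerpt of the failover zone above (relative names only).
# The samba3 target is a deliberately broken entry added for the demonstration.
ZONE = """\
ns1     IN A 192.168.1.100
samba1  IN A 192.168.1.101
samba2  IN A 192.168.1.102
gc._msdcs IN CNAME samba1
_gc._tcp IN SRV 0 100 3268 samba1
_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba2
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp IN SRV 0 100 88 samba2
_kpasswd._udp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba3
"""

RECORD = re.compile(r"^(\S+)\s+IN\s+(A|CNAME|SRV)\s+(.+?)\s*(?:;.*)?$")

def parse_zone(text):
    """Return (hosts, refs): A-record owners, and owner -> set of targets."""
    hosts, refs = set(), defaultdict(set)
    for line in text.splitlines():
        m = RECORD.match(line)
        if not m:
            continue  # directives, SOA, NS, TXT, blank or owner-less lines
        owner, rtype, rdata = m.groups()
        if rtype == "A":
            hosts.add(owner)
        else:
            # SRV rdata is "priority weight port target"; CNAME is the target
            refs[owner].add(rdata.split()[-1])
    return hosts, refs

def dangling_targets(text):
    """Targets that SRV/CNAME records point at but that have no A record."""
    hosts, refs = parse_zone(text)
    return sorted({t for targets in refs.values() for t in targets} - hosts)

def single_homed(text, dcs):
    """Owners whose records do not cover every domain controller in dcs."""
    _, refs = parse_zone(text)
    return sorted(o for o, targets in refs.items() if not set(dcs) <= targets)

if __name__ == "__main__":
    print("dangling:", dangling_targets(ZONE))
    print("not on all DCs:", single_homed(ZONE, ["samba1", "samba2"]))
```

The zone on this page lists the gc and pdc names on samba1 only, so those entries in the second report match the page's zone; any other name listed there has no failover target.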

= Verification =

Execute the following commands to verify DNS:

<pre>
% dig _kerberos.example.com TXT @localhost
...
;; ANSWER SECTION:
_kerberos.example.com. 604800 IN TXT "EXAMPLE.COM"
...
</pre>

<pre>
% dig _ldap._tcp.dc._msdcs.example.com SRV @localhost
...
;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.example.com. 604800 IN SRV 0 100 389 samba2.example.com.
_ldap._tcp.dc._msdcs.example.com. 604800 IN SRV 0 100 389 samba1.example.com.
...
</pre>

Latest revision as of 23:26, 11 October 2016