Samba4/DNS: Difference between revisions
From SambaWiki
Mmuehlfeld (talk | contribs) (Redirecting this page to the "BIND DNS backend" HowTo, as it is more up2date and contains more information)

Line 1:
#REDIRECT [[Dns-backend_bind]]

= Overview =

This page describes how to set up '''static''' DNS for Samba 4 on Fedora Core 10. It assumes that Samba is already installed in INSTALL_DIR (e.g. /usr/local/samba). DNS can be installed either on the same machine as Samba or on a separate machine.

''Please note that this is for versions of BIND prior to 9.8. Most of the current documentation for Samba4 assumes DLZ (dynamically loadable zones), either in BIND 9.8 or later or in the internal DNS service.''

= Installation =

<pre>
% yum install bind
</pre>

= Configuration =

== Configuring Domain Zone ==

Copy the zone data file generated by Samba:

<pre>
% cp $INSTALL_DIR/example.com.zone /var/named/dynamic
</pre>

Edit zone data file /var/named/dynamic/example.com.zone:

<pre>
$ORIGIN example.com.
$TTL 1W
@               IN SOA  example.com. root.example.com. (
                        01      ; serial
                        2D      ; refresh
                        4H      ; retry
                        6W      ; expiry
                        1W )    ; minimum
                IN NS   ns1

ns1             IN A    192.168.1.100
samba1          IN A    192.168.1.101

gc._msdcs       IN CNAME samba1
27f515e4-f5af-4396-bc93-130013076ab7._msdcs IN CNAME samba1

_gc._tcp IN SRV 0 100 3268 samba1
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 samba1

_ldap._tcp.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.b168ccf1-d862-4146-8cea-0021f3c88feb IN SRV 0 100 389 samba1
_ldap._tcp.b168ccf1-d862-4146-8cea-0021f3c88feb.domains._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba1

_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._udp IN SRV 0 100 88 samba1

_kerberos-master._tcp IN SRV 0 100 88 samba1
_kerberos-master._udp IN SRV 0 100 88 samba1

_kpasswd._tcp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba1

_kerberos IN TXT EXAMPLE.COM
</pre>

== Configuring Reverse Mapping ==

Create reverse mapping file /var/named/192.168.1.rev:

<pre>
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 1W
@               IN SOA  example.com. root.example.com. (
                        01      ; serial
                        2D      ; refresh
                        4H      ; retry
                        6W      ; expiry
                        1W )    ; minimum
                IN NS   ns1.example.com.

100             IN PTR  ns1.example.com.
101             IN PTR  samba1.example.com.
</pre>

== Configuring File Ownership ==

Set file ownership:

<pre>
% chown named:named /var/named/dynamic/example.com.zone
% chown named:named /var/named/192.168.1.rev
</pre>

Copy the zone configuration file:

<pre>
% cp $INSTALL_DIR/named.conf /etc/named-samba.conf
% chown named:named /etc/named-samba.conf
</pre>

== Configuring DNS ==

Edit /etc/named.conf. Comment out the localhost-only listen-on, listen-on-v6 and allow-query lines so that named answers clients on the network, and include the Samba zone configuration. With these lines disabled, named listens on all interfaces and accepts queries from any address, so limit access to port 53 to the networks that use this domain.

<pre>
options {
    #listen-on port 53 { 127.0.0.1; };
    #listen-on-v6 port 53 { ::1; };
    #allow-query { localhost; };
    ...
};

include "/etc/named-samba.conf";
</pre>

Edit /etc/named-samba.conf:

<pre>
zone "example.com." IN {
    type master;
    file "/var/named/dynamic/example.com.zone";
};

zone "1.168.192.in-addr.arpa." IN {
    type master;
    file "192.168.1.rev";
};
</pre>

Restart DNS:

<pre>
% service named restart
</pre>

= Multiple Samba Instances =

DNS can be configured so that it points to multiple Samba instances for failover.

<pre>
$ORIGIN example.com.
$TTL 1W
@               IN SOA  example.com. root.example.com. (
                        01      ; serial
                        2D      ; refresh
                        4H      ; retry
                        6W      ; expiry
                        1W )    ; minimum
                IN NS   ns1
                IN A    192.168.1.101
                IN A    192.168.1.102

ns1             IN A    192.168.1.100
samba1          IN A    192.168.1.101
samba2          IN A    192.168.1.102

gc._msdcs       IN CNAME samba1
ff3b280e-6caa-11de-ab0a-e44b8f038cdc._msdcs IN CNAME samba1

_gc._tcp IN SRV 0 100 3268 samba1
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 samba1

_ldap._tcp.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba2
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba2
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc IN SRV 0 100 389 samba2
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc.domains._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc.domains._msdcs IN SRV 0 100 389 samba2
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba2
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba2

_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp IN SRV 0 100 88 samba2
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba2
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba2
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba2
_kerberos._udp IN SRV 0 100 88 samba1
_kerberos._udp IN SRV 0 100 88 samba2

_kerberos-master._tcp IN SRV 0 100 88 samba1
_kerberos-master._tcp IN SRV 0 100 88 samba2
_kerberos-master._udp IN SRV 0 100 88 samba1
_kerberos-master._udp IN SRV 0 100 88 samba2

_kpasswd._tcp IN SRV 0 100 464 samba1
_kpasswd._tcp IN SRV 0 100 464 samba2
_kpasswd._udp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba2

_kerberos IN TXT EXAMPLE.COM
</pre>

= Verification =

Execute the following commands to verify DNS:

<pre>
% dig _kerberos.example.com TXT @localhost
...
;; ANSWER SECTION:
_kerberos.example.com. 604800 IN TXT "EXAMPLE.COM"
...
</pre>

<pre>
% dig _ldap._tcp.dc._msdcs.example.com SRV @localhost
...
;; ANSWER SECTION:
_ldap._tcp.dc._msdcs.example.com. 604800 IN SRV 0 100 389 samba2.example.com.
_ldap._tcp.dc._msdcs.example.com. 604800 IN SRV 0 100 389 samba1.example.com.
...
</pre>
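
An offline sanity check for zone data like that shown on this page, as an added example that is not part of the original wiki page: it reports SRV and CNAME targets that have no A record in the zone, and SRV names that list only one host and therefore offer no failover. The function name lint_zone and the sample zone (including the broken samba3 record) are constructed for illustration; the parser assumes relative names and one record per line with an explicit owner, as in the zone files above.

```python
from collections import defaultdict

# Constructed sample: a trimmed two-server zone plus one deliberately broken
# record whose target (samba3) has no A record.
ZONE = """\
$ORIGIN example.com.
$TTL 1W
ns1     IN A 192.168.1.100
samba1  IN A 192.168.1.101
samba2  IN A 192.168.1.102
gc._msdcs IN CNAME samba1
_gc._tcp IN SRV 0 100 3268 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba2
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp IN SRV 0 100 88 samba2
_kpasswd._udp IN SRV 0 100 464 samba3
"""


def lint_zone(text):
    """Return (dangling, single_homed) for relative, one-line records.

    dangling: (owner, target) pairs whose SRV/CNAME target has no A record.
    single_homed: SRV owner names that point at only one host (no failover).
    """
    hosts, targets, srv = set(), set(), defaultdict(set)
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # drop zone-file comments
        if not line or line[0].isspace() or line.startswith("$"):
            continue  # blank, continuation/inherited-owner line, or directive
        fields = line.split()
        if len(fields) < 4 or fields[1] != "IN":
            continue
        owner, rtype, rdata = fields[0], fields[2], fields[3:]
        if rtype == "A":
            hosts.add(owner)
        elif rtype == "CNAME":
            targets.add((owner, rdata[0]))
        elif rtype == "SRV" and len(rdata) == 4:
            srv[owner].add(rdata[3])  # rdata: priority weight port target
            targets.add((owner, rdata[3]))
    dangling = sorted(pair for pair in targets if pair[1] not in hosts)
    single_homed = sorted(o for o, t in srv.items() if len(t) == 1)
    return dangling, single_homed


if __name__ == "__main__":
    print(lint_zone(ZONE))
```

Names that legitimately point at a single server, such as the pdc record in the two-server zone above, appear in the second list by design.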
Revision as of 19:03, 11 July 2013
Redirect to: