Samba4/DNS
From SambaWiki
Overview
This document describes how to setup DNS for Samba 4 on Fedora Core 10. It assumes that Samba is already installed in INSTALL_DIR (e.g. /usr/local/samba).
Prerequisites
% yum install bind
Configuration
Configuring Domain Zone
Copy zone data file generated by Samba:
% cp $INSTALL_DIR/example.com.zone /var/named/dynamic
Edit zone data file /var/named/dynamic/example.com.zone:
$ORIGIN example.com.
$TTL 1W
@ IN SOA example.com. root.example.com. (
01 ; serial
2D ; refresh
4H ; retry
6W ; expiry
1W ) ; minimum
IN NS ns1
ns1 IN A 192.168.1.100
samba1 IN A 192.168.1.101
gc._msdcs IN CNAME samba1
27f515e4-f5af-4396-bc93-130013076ab7._msdcs IN CNAME samba1
_gc._tcp IN SRV 0 100 3268 samba1
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 samba1
_ldap._tcp.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.b168ccf1-d862-4146-8cea-0021f3c88feb IN SRV 0 100 389 samba1
_ldap._tcp.b168ccf1-d862-4146-8cea-0021f3c88feb.domains._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba1
_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._udp IN SRV 0 100 88 samba1
_kerberos-master._tcp IN SRV 0 100 88 samba1
_kerberos-master._udp IN SRV 0 100 88 samba1
_kpasswd._tcp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba1
_kerberos IN TXT EXAMPLE.COM
Configuring Reverse Mapping
Create reverse mapping file /var/named/192.168.1.rev:
$ORIGIN 1.168.192.in-addr.arpa.
$TTL 1W
@ IN SOA example.com. root.example.com. (
01 ; serial
2D ; refresh
4H ; retry
6W ; expiry
1W ) ; minimum
IN NS ns1.example.com.
100 IN PTR ns1.example.com.
101 IN PTR samba1.example.com.
Configuring File Ownership
Set file ownership:
% chown named.named /var/named/dynamic/example.com.zone % chown named.named /var/named/192.168.1.rev
Copy zone configuration file:
% cp $INSTALL_DIR/named.conf /etc/named-samba.conf % chown named.named /etc/named-samba.conf
Configuring DNS
Edit /etc/named.conf:
options {
#listen-on port 53 { 127.0.0.1; };
#listen-on-v6 port 53 { ::1; };
#allow-query { localhost; };
...
};
include "/etc/named-samba.conf";
Edit /etc/named-samba.conf:
zone "example.com." IN {
type master;
file "/var/named/dynamic/example.com.zone";
};
zone "1.168.192.in-addr.arpa." IN {
type master;
file "192.168.1.rev";
};
Restart DNS:
% service named restart
Multiple Samba Instances
The DNS can to be configured such that it points to several Samba instances for failover.
$ORIGIN example.com.
$TTL 1W
@ IN SOA example.com. root.example.com. (
01 ; serial
2D ; refresh
4H ; retry
6W ; expiry
1W ) ; minimum
IN NS ns1
IN A 192.168.1.101
IN A 192.168.1.102
ns1 IN A 192.168.1.100
samba1 IN A 192.168.1.101
samba2 IN A 192.168.1.102
gc._msdcs IN CNAME samba1
ff3b280e-6caa-11de-ab0a-e44b8f038cdc._msdcs IN CNAME samba1
_gc._tcp IN SRV 0 100 3268 samba1
_gc._tcp.Default-First-Site-Name._sites IN SRV 0 100 3268 samba1
_ldap._tcp.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba1
_ldap._tcp IN SRV 0 100 389 samba2
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.dc._msdcs IN SRV 0 100 389 samba2
_ldap._tcp.pdc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc IN SRV 0 100 389 samba2
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc.domains._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.ff3b2587-6caa-11de-ab0a-e44b8f038cdc.domains._msdcs IN SRV 0 100 389 samba2
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites IN SRV 0 100 389 samba2
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba1
_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 389 samba2
_kerberos._tcp IN SRV 0 100 88 samba1
_kerberos._tcp IN SRV 0 100 88 samba2
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.dc._msdcs IN SRV 0 100 88 samba2
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites IN SRV 0 100 88 samba2
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba1
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs IN SRV 0 100 88 samba2
_kerberos._udp IN SRV 0 100 88 samba1
_kerberos._udp IN SRV 0 100 88 samba2
_kerberos-master._tcp IN SRV 0 100 88 samba1
_kerberos-master._tcp IN SRV 0 100 88 samba2
_kerberos-master._udp IN SRV 0 100 88 samba1
_kerberos-master._udp IN SRV 0 100 88 samba2
_kpasswd._tcp IN SRV 0 100 464 samba1
_kpasswd._tcp IN SRV 0 100 464 samba2
_kpasswd._udp IN SRV 0 100 464 samba1
_kpasswd._udp IN SRV 0 100 464 samba2
_kerberos IN TXT EXAMPLE.COM
Verification
% dig _kerberos.example.com TXT @localhost % dig _ldap._tcp.dc._msdcs.example.com SRV @localhost