Samba Internal DNS Back End
Introduction
The Samba Active Directory (AD) domain controller (DC) provides an internal DNS server that supports the basic feature required in an AD. It is easy to configure and requires no additional software or knowledge about DNS. The INTERNAL_DNS
back end is recommended for simple DNS setups.
Limitations
The internal DNS does not support:
- acting as a caching resolver
- recursive queries
- shared-key transaction signature (TSIG)
- stub zones
- zone transfers
Setting up Dynamic DNS Updates Using Kerberos
Dynamic DNS updates using Kerberos is enabled by default in the internal DNS server. To change this setting, set the allow dns updates
parameter in the smb.conf
file.
For further details, see the smb.conf (5)
man page.
Setting up a DNS Forwarder
The internal DNS server is only able to resolve the Active Directory (AD) DNS zones. To enable recursive queries of other zones, set the dns forwarder
parameter in the smb.conf
file to one or more IP addresses of DNS servers that support recursive resolving. For example:
dns forwarder = 8.8.8.8
Samba 4.5 and later supports multiple space-separated IP addresses. Older versions support one IP address. |
For further details, see the smb.conf (5)
man page.