The Samba AD DNS Back Ends
Developing and using the DNS server built into Samba. AD backend.
As of early September 2012, the internal DNS server is fully functional, for both GSS-TSIG-signed and unsigned updates.
There are three options that can be added to smb.conf to control the behavior of DNS at this point:
# Allow unsigned updates | don't allow any updates | only allow signed updates allow dns updates = True | False | signed # If recursive queries = yes is set, the following is also needed dns forwarder = <ip addr of external dns server>
The samba_dnsupdate command sometimes doesn't work for signed updates. We're currenly investigating. Client systems like samba3 or Win7 work fine.
Run during make test
TDB_NO_FSYNC=1 make test TESTS=samba.tests.dns
Run against external servers (Windows or BIND)
SERVER_IP=<dns server ip> SERVER=<dns server name> REALM=<dns server domain name part> PYTHONPATH=`pwd`/bin/python ./source4/scripting/bin/subunitrun samba.tests.dns
BIND 9.8.0 DLZ plug-in
Dynamically loaded zones plug-in for BIND 9.8.0. AD backend.
Module is built with Samba, handles RFC 1035 and RFC 2136
BIND & samba_dnsupdate
Non-AD backend, but works with older BINDs.
samba_dnsupdate script shipped with Samba, lets BIND handle DNS and just dynamically modifies AD-related information.