Cannot add static host to samba AD DNS

Asked by Frank Thynne

I'm using Samba 4.3.11 on Ubuntu 16.04.03 LTS and have created a working AD server but serving only itself at present.

I need to add new A records to the dynamic DNS zone set up by samba-tool provision. I do not at this stage wish to use DHCP in the domain.

Some of the network hosts will not be domain members, including printers and a (non AD) domain controller in a different domain on the same IP network but which I want to isolate from my AD domain most of the time.

My difficulty is that rndc does not support adding DNS records and nsupdate hits "permission refused".

Where am I going wrong?

Question information

Language:
English
Status:
Expired
For:
Ubuntu
Assignee:
No assignee

actionparsnip (andrew-woodhead666) said :
#1

DHCP and DNS are completely separate technologies; you can run a DNS server and not use DHCP and it'll work fine.

I can suggest that you set up a DNS server for your LAN then set it as your nameserver when you are in the network. It'll make things a lot easier.

Frank Thynne (fthynne) said :
#2

I mention DHCP only because it is often used to update DNS -- and it already does that for hosts in another domain on the same subnet.

DNS already exists for my new AD domain, and samba clients and hosts in its zone get added automatically by samba. Are you suggesting that I have a second zone covering the same subnet? How would reverse lookups work?

Frank Thynne (fthynne) said :
#3

I haven't found a way to update a Samba DLZ zone to include non-samba hosts, but I think I have a partial work-around for my requirements.

Thank you for your earlier response, Andrew. It gave me a hint to create a new zone but I didn't need another DNS server. I have created another zone on the same server with entries for the non-samba hosts and it seems to be working.

Unfortunately that zone also seems to refuse updates from nsupdate but I can edit the zone db file. Naturally that requires careful maintenance of the serial numbers of the forward and reverse zones as well as managing the zone records.

I had hoped to leave an easy script for local admins to manage new and retired hosts but it will be a little harder!

I would still like to know why I can't make dynamic updates work. I haven't found useful debugging info, but perhaps investigating what samba and samba-tool do would help. As far as I can see, Samba's zones are not stored as text files, but presumably there is a protocol for talking to named that samba and DHCP use. Perhaps I should look for a relevant RFC.

Launchpad Janitor (janitor) said :
#4

This question was expired because it remained in the 'Open' state without activity for the last 15 days.

Frank Thynne (fthynne) said :
#5

RFCs 4033, 4034, 4035 and 4702 appear to be those I should study.

However, using rndc with BIND, which should work following the RFCs, seems not to work without restarting named. In my environment this is regrettable but not critical.

Launchpad Janitor (janitor) said :
#6

This question was expired because it remained in the 'Open' state without activity for the last 15 days.
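
The thread ends without a way to put static records into the Samba-managed zone. As an added example (not written by anyone in the thread), this script wraps `samba-tool dns add`, which edits the AD zone over an authenticated connection to the DC. The server, zone, host and address in the usage comment are constructed values, and it assumes a /24 reverse zone that already exists and an account (`DNS_ADMIN`, default Administrator) permitted to edit DNS.

```shell
#!/bin/sh
# Added example: register one static host (A + PTR) in a Samba AD DNS zone.
# Usage (constructed values):
#   DRY_RUN=0 ./add-host.sh dc1.example.test example.test printer1 192.0.2.25
: "${DNS_ADMIN:=Administrator}"   # assumption: account allowed to edit DNS

# valid_ipv4 ADDR -> status 0 if ADDR is a dotted quad with octets 0-255
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# valid_label NAME -> status 0 if NAME is one DNS label (letters, digits, hyphen)
valid_label() {
    case "$1" in
        ""|-*|*-|*[!A-Za-z0-9-]*) return 1 ;;
    esac
    [ "${#1}" -le 63 ]
}

# reverse_zone ADDR -> name of the /24 reverse zone (assumed zone layout)
reverse_zone() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    echo "$3.$2.$1.in-addr.arpa"
}

# static_host_cmds SERVER ZONE HOST ADDR -> prints the two commands for review
static_host_cmds() {
    valid_label "$3" || { echo "bad host name: $3" >&2; return 1; }
    valid_ipv4 "$4" || { echo "bad IPv4 address: $4" >&2; return 1; }
    echo "samba-tool dns add $1 $2 $3 A $4 -U $DNS_ADMIN"
    echo "samba-tool dns add $1 $(reverse_zone "$4") ${4##*.} PTR $3.$2 -U $DNS_ADMIN"
}

# add_static_host: dry run by default; DRY_RUN=0 runs samba-tool (no eval used)
add_static_host() {
    static_host_cmds "$@" || return 1
    [ "${DRY_RUN:-1}" = 0 ] || return 0
    samba-tool dns add "$1" "$2" "$3" A "$4" -U "$DNS_ADMIN" &&
    samba-tool dns add "$1" "$(reverse_zone "$4")" "${4##*.}" PTR "$3.$2" -U "$DNS_ADMIN"
}

if [ "$#" -eq 4 ]; then add_static_host "$@"; fi
```

Without `DRY_RUN=0` the script only prints the two commands, so a local admin can check the reverse zone and PTR name before anything is written.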