Samba4 DNS
DNS Entries for PDC
- file located at /usr/local/samba/private/dns_update_list
# this is a list of DNS entries which will be put into DNS using
# dynamic DNS update. It is processed by the samba_dnsupdate script
#
# Line layout as used below: <record type> <name> <target>, plus a port
# number on SRV lines. The ${...} names are placeholders filled in by
# samba_dnsupdate; $IP presumably stands for this host's address(es) -
# confirm against the script.
#
# Address records for the domain name and for this DC's host name
A ${DNSDOMAIN} $IP
A ${HOSTNAME} $IP
AAAA ${DNSDOMAIN} $IP
AAAA ${HOSTNAME} $IP
# Address records for the global catalog name in the forest zone
A gc._msdcs.${DNSFOREST} $IP
AAAA gc._msdcs.${DNSFOREST} $IP
# Alias from the NTDS GUID name to this DC's host name
CNAME ${NTDSGUID}._msdcs.${DNSFOREST} ${HOSTNAME}
# Kerberos password-change service (kpasswd), port 464
SRV _kpasswd._tcp.${DNSDOMAIN} ${HOSTNAME} 464
SRV _kpasswd._udp.${DNSDOMAIN} ${HOSTNAME} 464
# Kerberos, port 88: domain-wide, dc._msdcs and per-site (${SITE}._sites) names
SRV _kerberos._tcp.${DNSDOMAIN} ${HOSTNAME} 88
SRV _kerberos._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 88
SRV _kerberos._tcp.dc._msdcs.${DNSFOREST} ${HOSTNAME} 88
SRV _kerberos._tcp.${SITE}._sites.${DNSDOMAIN} ${HOSTNAME} 88
SRV _kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 88
SRV _kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSFOREST} ${HOSTNAME} 88
SRV _kerberos._udp.${DNSDOMAIN} ${HOSTNAME} 88
# LDAP locator records: port 389 on the domain, dc, pdc, per-site and
# domain-GUID names; port 3268 on the gc._msdcs names
SRV _ldap._tcp.${DNSDOMAIN} ${HOSTNAME} 389
SRV _ldap._tcp.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389
SRV _ldap._tcp.dc._msdcs.${DNSFOREST} ${HOSTNAME} 389
SRV _ldap._tcp.gc._msdcs.${DNSFOREST} ${HOSTNAME} 3268
SRV _ldap._tcp.pdc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389
SRV _ldap._tcp.pdc._msdcs.${DNSFOREST} ${HOSTNAME} 389
SRV _ldap._tcp.${SITE}._sites.${DNSDOMAIN} ${HOSTNAME} 389
SRV _ldap._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN} ${HOSTNAME} 389
SRV _ldap._tcp.${SITE}._sites.dc._msdcs.${DNSFOREST} ${HOSTNAME} 389
SRV _ldap._tcp.${SITE}._sites.gc._msdcs.${DNSFOREST} ${HOSTNAME} 3268
SRV _ldap._tcp.${DOMAINGUID}.domains._msdcs.${DNSFOREST} ${HOSTNAME} 389
# Global catalog (_gc), port 3268: forest-wide and per-site names
SRV _gc._tcp.${DNSFOREST} ${HOSTNAME} 3268
SRV _gc._tcp.${SITE}._sites.${DNSFOREST} ${HOSTNAME} 3268
- there are duplicate entries for the PDC (maybe for the BDC as well)
- can find parameters ${DNSFOREST}, ${DNSDOMAIN}, ${DOMAINGUID}, ${HOSTNAME}, ${NTDSGUID}, ${SITE} by putting a few print statements in samba_dnsupdate
Find Variables
- patch for print statements to easily find variables
--- samba_dnsupdate 2014-06-04 15:58:59.324101278 -0700
+++ /root/scripts_samba/samba_dnsupdate 2014-06-04 15:41:38.683189142 -0700
@@ -271,17 +271,9 @@ def get_subst_vars(samdb):
vars['HOSTNAME'] = samdb.host_dns_name()
vars['NTDSGUID'] = samdb.get_ntds_GUID()
vars['SITE'] = samdb.server_site_name()
- if opts.verbose:
- print "INFO: DNSDOMAIN is :: %s" % vars['DNSDOMAIN']
- print "INFO: DNSFOREST is :: %s" % vars['DNSFOREST']
- print "INFO: HOSTNAME is :: %s" % vars['HOSTNAME']
- print "INFO: NTDSGUID is :: %s" % vars['NTDSGUID']
- print "INFO: SITE is :: %s" % vars['SITE']
res = samdb.search(base=samdb.get_default_basedn(), scope=SCOPE_BASE, attrs=["objectGUID"])
guid = samdb.schema_format_value("objectGUID", res[0]['objectGUID'][0])
vars['DOMAINGUID'] = guid
- if opts.verbose:
- print "INFO: DOMAINGUID is :: %s" % vars['DOMAINGUID']
am_rodc = samdb.am_rodc()
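Review bot: The direction of this hunk is inverted relative to its stated purpose: the `if opts.verbose:` / `print "INFO: ..."` lines carry `-` markers and the `---` file has the later timestamp, so applying the patch as posted removes the prints instead of adding them. It looks like the two files were passed to diff in swapped order; regenerate it as `diff -u <original> <patched>` or apply this one with `patch -R`. The header also declares 17 old and 9 new lines while only 15 and 7 are visible here, and the indentation of the context lines is gone, so the hunk probably will not apply when copied from this page. The print statements use Python 2 syntax, and get_subst_vars starts and ends outside the hunk.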
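- run the following to get just what you need (this needs the samba_dnsupdate with the print statements; grep only filters the output, so the command still does its normal dynamic DNS update run)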
samba_dnsupdate --verbose | grep "INFO:"
- will spit out the variables needed to be added into DNS
Check all DNS entries(WIP)
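#!/bin/bash
# Query DNS for the records listed in dns_update_list and print host's answer
# for each one, so entries that are missing from DNS stand out.
#
# Fill in the variables below first. They are the same values that
# samba_dnsupdate substitutes into dns_update_list.
DNSDOMAIN=
DNSFOREST=
HOSTNAME=
NTDSGUID=
SITE=
DOMAINGUID=
COMM="host -t"

# Refuse to run with a blank value: an empty variable would turn the names
# below into queries such as "_kpasswd._tcp." and the answers would say
# nothing about the real domain.
for var in DNSDOMAIN DNSFOREST HOSTNAME NTDSGUID SITE DOMAINGUID; do
    if [ -z "${!var}" ]; then
        echo "ERROR: $var is empty - fill in the variables at the top of this script" >&2
        exit 1
    fi
done

# Address and alias records from dns_update_list. AAAA is not queried here;
# add it if the DC has IPv6 addresses.
$COMM A "${DNSDOMAIN}"
$COMM A "${HOSTNAME}"
$COMM A "gc._msdcs.${DNSFOREST}"
$COMM CNAME "${NTDSGUID}._msdcs.${DNSFOREST}"

# SRV records, in the same order as dns_update_list.
srv_names=(
    "_kpasswd._tcp.${DNSDOMAIN}"
    "_kpasswd._udp.${DNSDOMAIN}"
    "_kerberos._tcp.${DNSDOMAIN}"
    "_kerberos._tcp.dc._msdcs.${DNSDOMAIN}"
    "_kerberos._tcp.dc._msdcs.${DNSFOREST}"
    "_kerberos._tcp.${SITE}._sites.${DNSDOMAIN}"
    "_kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN}"
    "_kerberos._tcp.${SITE}._sites.dc._msdcs.${DNSFOREST}"
    "_kerberos._udp.${DNSDOMAIN}"
    "_ldap._tcp.${DNSDOMAIN}"
    "_ldap._tcp.dc._msdcs.${DNSDOMAIN}"
    "_ldap._tcp.dc._msdcs.${DNSFOREST}"
    "_ldap._tcp.gc._msdcs.${DNSFOREST}"
    "_ldap._tcp.pdc._msdcs.${DNSDOMAIN}"
    "_ldap._tcp.pdc._msdcs.${DNSFOREST}"
    "_ldap._tcp.${SITE}._sites.${DNSDOMAIN}"
    "_ldap._tcp.${SITE}._sites.dc._msdcs.${DNSDOMAIN}"
    "_ldap._tcp.${SITE}._sites.dc._msdcs.${DNSFOREST}"
    "_ldap._tcp.${SITE}._sites.gc._msdcs.${DNSFOREST}"
    "_ldap._tcp.${DOMAINGUID}.domains._msdcs.${DNSFOREST}"
    "_gc._tcp.${DNSFOREST}"
    "_gc._tcp.${SITE}._sites.${DNSFOREST}"
)

# $COMM is left unquoted on purpose so "host -t" splits into command and flag;
# the name is quoted so a stray space in a variable cannot add arguments.
for name in "${srv_names[@]}"; do
    $COMM SRV "$name"
done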
- running the script will show you which entries are in DNS and which are not