I don't think DNS dynamic updates is required for Windows clients.
Windows clients do not provide services (in most cases) so they don't
need to be located in DNS/AD. I found, when running BIND9 as my primary
DNS server that I did not like the why DDNS updated and resorted my
zone files. I didn't like having files with static entries being
changed by the server.
Actually, you don't absolutely need Dynamic DNS for servers. When a
machine joins the domain as a domain controller it does try to update
DNS- but if it can't it will write the required changes to a text file
(don't remember which off the top of my head but the event log will tell
you. I have a mixed environment of Samba 3 PDC domains and Windows
AD domains. I found it easiest to make one of my Windows machines the
DNS server and only enable DDNS while adding/removing a DC to the domain.
I have not used samba 4- since it is still listed an Alpha.
Samba 3 does support domain trusts with Windows domains- so if you have
little pockets already running Windows AD domains, you can still work
with them.
I think the one question you need to ask is: what is the cost of
implementing AD vs what is the cost of my time to make samba work? I
run a mix of windows and linux clients, so samba is a good solution for
me since the underlying servers also support NFS, LDAP and other stuff
that plays nice with linux clients. But I wish Samba 3 did have GPO
support. You can use "NT4" type policies so some degree with Samba
3. You can even create policy templates to implement specific registry
changes- but it is a pain. I am hoping to see if I can use a Windows
DC as an LDAP/Keberos master for my environment, while keeping
Samba/Unix servers as file servers, but leveraging some of the stuff
that Windows AD does do well.
On 04/07/2011 09:18 AM, Valéry Roché wrote:
Hi again,
Replying to myself concerning DNSupdates. I found this :
"If you are joining Samba4 to an existing Windows DNS domain, or you
are using a Windows DNS server instead of bind9, then you need bind
version 9.7.2rc1 (or higher) for the nsupdate command to correctly
work with recent versions of Windows. If you don't have bind 9.7.2rc1
or better, recent Windows clients (such as Windows7 and Win2K8) won't
be able to do dynamic DNS updates to your bind9 server, and bind9
won't be able to do dynamic DNS updates against a Windows DNS server."
(https://wiki.samba.org/index.php/Samba4/HOWTO)
That should do the work, will try it if I can find some explanations
on how to setup Bind9 in this way.
Kind regards,
Valéry Roché
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
