samba-tool dns
The samba-tool dns command group is a set of Samba utilities for managing DNS records in an Active Directory environment. It is used to query, add, delete, update, and check DNS records on a DNS server (which may be Samba’s internal DNS server or an external one like BIND9 with DLZ). Maintaining accurate DNS records is critical for proper domain controller discovery, Kerberos authentication, and overall Active Directory functionality.
Overview
In an AD environment, DNS records (including A, PTR, and SRV records) enable clients to locate domain controllers and services. The samba-tool dns commands allow administrators to:
Query DNS records to verify current settings.
Add new records when services are deployed or IP addresses change.
Delete obsolete records that are no longer needed.
Update existing records to reflect current network information.
Check zone integrity to detect potential issues.
Common Subcommands
1. query
queryPurpose: Retrieve DNS records from a specific zone.
Usage:
samba-tool dns query <server> <zone> <node> [<record type>] [options]Example:
samba-tool dns query dc.example.com example.com @ A -U AdministratorThis queries the A records for the root of the
example.comzone on the DNS serverdc.example.com.
2. add
addPurpose: Add a new DNS record.
Usage:
samba-tool dns add <server> <zone> <node> <record type> <record data> [options]Example:
samba-tool dns add dc.example.com example.com www A 192.168.1.100 -U AdministratorThis adds an A record for
www.example.comwith the IP address192.168.1.100.
3. delete
deletePurpose: Remove an existing DNS record.
Usage:
samba-tool dns delete <server> <zone> <node> <record type> <record data> [options]Example:
samba-tool dns delete dc.example.com example.com www A 192.168.1.100 -U AdministratorThis deletes the specified A record from the zone.
4. update
updatePurpose: Update an existing DNS record.
Usage:
samba-tool dns update <server> <zone> <node> <record type> <old record data> <new record data> [options]Example:
samba-tool dns update dc.example.com example.com www A 192.168.1.100 192.168.1.101 -U AdministratorThis command updates the A record for
www.example.comfrom the old IP to a new IP address.
5. check
checkPurpose: Verify the integrity or health of DNS records within a zone.
Usage:
samba-tool dns check <server> <zone> [options]Example:
samba-tool dns check dc.example.com example.com -U AdministratorThis checks the
example.comzone for potential DNS issues.
6. list
listPurpose: List all DNS records for a given node or zone.
Usage:
samba-tool dns list <server> <zone> <node> [options]Example:
samba-tool dns list dc.example.com example.com @ -U AdministratorThis lists all DNS records at the zone root of
example.com.
Additional Options
-U <username>: Specifies the administrator account for authentication.--verbose: Provides detailed output for troubleshooting.Other Options: Depending on your Samba version, additional options may be available to control output formatting or to target specific record attributes.
Use Cases
Domain Controller Discovery: Ensuring that SRV records for domain controllers are accurate so that clients can locate them.
Service Registration: Adding or updating DNS records for new services or after network changes.
Zone Maintenance: Periodically querying and checking the DNS zone to confirm that records are up-to-date and correct.
Conclusion
The samba-tool dns command group is essential for managing DNS records in a Samba Active Directory environment. Whether you need to query current records, add new ones, delete outdated entries, update existing records, or perform health checks, these subcommands provide the necessary functionality. Proper DNS management via samba-tool dns is key to ensuring reliable domain controller discovery, seamless Kerberos authentication, and overall network stability.
Last updated