I think we may be talking past each other. I was referring to (client) machine
trust accounts inside of AD, not hostnames in DNS.
I now think you are referring to the latter. I can see how that can work.
--
Grant. . . .
unix || die
smime.p7s
Description: S/MIME cryptographic signature
__
the few "gotchas" associated with disjoint
namespaces.
- Kevin
-Original Message-
From: bind-users On Behalf Of Grant Taylor
via bind-users
Sent: Wednesday, June 27, 2
Hmmm... My understanding was that the only requirement was that the DNS
server pointed to by the AD DC (in this case the AD is managed by SAMBA)
had to be authoritative for the domain in DNS which represented the
matching AD domain. This was a common holy war between MCSE folks and Bind
groupies.
@all
I still do not see any relevant point that will take the DNS authority
leaving the AD and do something to resolve your queries. As the wiki says,
security is essential and you do not have to risk it and let the data be
compromised.
And remember, I'm at an education institute with courses in
On 06/26/2018 10:21 PM, Mark Andrews wrote:
And if you are not using AD you can use SIG(0) and KEY records to allow
hosts to authenticate updates to the DNS for their own records.
I'm not quite following. Do you mean that you can allow hosts to update
their own RRs without requiring AD and us
And if you are not using AD you can use SIG(0) and KEY records
to allow hosts to authenticate updates to the DNS for their own
records.
Instead of registering a host with AD you add a KEY record into
the DNS which has the public key of the host which is to be used
to sign the UPDATE requests. Unf
On 06/26/2018 06:21 PM, Elias Pereira wrote:
yes. :)
https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#Why_This_Matters
Hum.
After reading that section of the page you linked to, I'm not convinced
that the DNS /must/ be on the Samba server.
How would this work in the scenario I
>
> Is that truly a requirement?
> Is this not the same with Samba? Is there something specific about
> Samba that does require it to be authoritative for the zone?
yes. :)
https://wiki.samba.org/index.php/Active_Directory_Naming_FAQ#Why_This_Matters
But I know that Windows servers just
> need
On 06/26/2018 05:20 PM, Elias Pereira wrote:
since the samba needs to be authoritative on its own dns.
Is that truly a requirement?
I've not messed with AD on Samba. But I know that Windows servers just
need the ability to update DNS. They do not need to be authoritative
for it.
Is this
Spammers on the bind list? Lol
@Reindl Harald
Thanks for the answer!! I'll take a look!
@John Miller
compay.intra is a example domain. :)
In our institution we have a valid domain and we belong to an educational
institution group. The institution is company.intra and that will provision
a samba4
Hi Elias,
Generally not. Unless .intra is a valid top-level-domain, and
company.intra is registered with the .intra registrars, your external
DNS will need to be different. And in any case, you probably want
your public Internet presence to reflect your actual company name and
be in a TLD that p
11 matches
Mail list logo