
On FreeBSD we run Samba4 as a DC and until recently had our IP addresses handed out by the router's DHCP server. We switched to running a DHCP server on the FreeBSD machine with the following configuration:-

# dhcpd.conf
#
# Sample configuration file for ISC dhcpd 
#

# option definitions common to all supported networks...
option domain-name "hlb.net";
option domain-name-servers 192.168.1.4;

default-lease-time 600;
max-lease-time 7200;

# Use this to enable / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;


# This is a very basic subnet declaration.

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.5 192.168.1.253;
  option routers 192.168.1.254;
} 

We now cannot add machines to the domain. The Windows 8.1 clients complain of "path not found" after entering credentials, correct or not.

The Samba4 configuration is very simple:-

# Global parameters
[global]
    workgroup = HLB
    realm = HLB.NET
    netbios name = SERVER1
    server role = active directory domain controller
    dns forwarder = 192.168.1.254
    nsupdate command = /usr/local/bin/samba-nsupdate -g
    allow dns updates = nonsecure

[netlogon]
    path = /var/db/samba4/sysvol/hlb.net/scripts
    read only = No

[sysvol]
    path = /var/db/samba4/sysvol
    read only = No

[home]
    path = /srvdata/homes
    read only = No

[profiles]
    path = /srvdata/profiles
    read only = No

[packages]
    path = /srvdata/packages
    read only = No

DNS tests seem to be as expected:-

host -t SRV _ldap._tcp.hlb.net

Yields:-

_ldap._tcp.hlb.net has SRV record 0 100 389 server1.hlb.net.

And:-

host -t SRV _kerberos._udp.hlb.net

Yields:-

_kerberos._udp.hlb.net has SRV record 0 100 88 server1.hlb.net.

Finally, when testing the DNS A record via:-

host -t A SERVER1.hlb.net

The following is returned:-

SERVER1.hlb.net has address 192.168.1.4

It seems that we may have missed some configuration option when setting up the DHCP server, however we are stumped at the moment. Any insight would be superb as we are sure there are others that have a similar setup to us.

Jack

1 Answer


Try to define your DNS servers in your subnet:

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.5 192.168.1.253;
  option routers 192.168.1.254;
  option domain-name "hlb.net";
  option domain-name-servers 192.168.1.4;
} 
lemassykoi
This should really take care of it unless your system is expecting some kind of LDAP related DHCP option (which it shouldn't have to with AD or Samba - that information is in DNS). But yes, you definitely need to tell clients what their DNS servers are supposed to be in order to get directory service related records from them - and those DNS servers should be a Samba or AD DC. – Spooler Mar 05 '18 at 06:32
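A preflight check for the point made in the answer and comment, added here as example code that is not from the question, the answer or Samba/ISC: it parses the subset of dhcpd.conf syntax shown above, resolves the domain-name and domain-name-servers each subnet actually hands out (ISC dhcpd lets a subnet inherit any option it does not set from the global scope, so the effective value is reported rather than only what is written inside the subnet block), and flags a subnet that would not point clients at the DC. The DC address and realm are taken from the A record and smb.conf in the question; the embedded config is a constructed copy of the question's dhcpd.conf.

```python
import re
# Assumed from the question: the DC's A record address and the Samba realm.
DC_IP, REALM = "192.168.1.4", "hlb.net"

# Constructed copy of the question's dhcpd.conf: DNS options only in global scope.
SAMPLE_CONF = """\
option domain-name "hlb.net";
option domain-name-servers 192.168.1.4;
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.5 192.168.1.253;
  option routers 192.168.1.254;
}
"""
OPTION_RE = re.compile(r'^option\s+([\w-]+)\s+(.+?);$')
SUBNET_RE = re.compile(r'^subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{$')

def parse(text):
    """Return (global options, {subnet: options}) for the dhcpd.conf subset above."""
    global_opts, subnets, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # strip comments and whitespace
        if not line:
            continue
        if m := SUBNET_RE.match(line):        # enter a subnet scope
            current = f"{m.group(1)}/{m.group(2)}"
            subnets[current] = {}
        elif line == "}":                     # leave the subnet scope
            current = None
        elif m := OPTION_RE.match(line):      # option in the current scope
            scope = subnets[current] if current else global_opts
            scope[m.group(1)] = m.group(2).strip('"')
    return global_opts, subnets

def check(text, dc_ip=DC_IP, realm=REALM):
    """List per-subnet problems; an empty list means clients are pointed at the DC."""
    global_opts, subnets = parse(text)
    problems = []
    for net, opts in subnets.items():
        # ISC dhcpd: a subnet inherits any option it does not set from the global scope
        name = opts.get("domain-name", global_opts.get("domain-name", ""))
        servers = opts.get("domain-name-servers", global_opts.get("domain-name-servers", ""))
        servers = servers.replace(",", " ").split()
        if not servers:
            problems.append(f"{net}: no domain-name-servers handed out")
        elif dc_ip not in servers:
            problems.append(f"{net}: DNS servers {servers} do not include DC {dc_ip}")
        if name.lower() != realm:
            problems.append(f"{net}: domain-name {name!r} does not match realm {realm}")
    return problems
```

Running check() on a subnet that still hands out the router (192.168.1.254) as the DNS server, as the setup before the switch did, reports that subnet as not pointing at the DC.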