Updating bind dns records
The default profile suggests that these files should be put in /var/lib/bind.
If you have followed the steps in my previous post, you might have your zone database files in /etc/bind/zones.
# "-d" for debug
NSUPDFLAGS="-d"
# krbcc ticket cache
export KRB5CCNAME="/tmp/dhcp-dyndns.cc"
# Kerberos principal
SETPRINCIPAL="[email protected]$"
# Kerberos keytab
# /etc/dhcpduser.keytab
# krbcc ticket cache
# /tmp/
# Look up the unprivileged DNS update user in AD
TESTUSER="$($WBINFO -u | grep 'dhcpduser')"
if [ -z "${TESTUSER}" ]; then
    logger "No AD dhcp user exists, need to create it first.. exiting."
    logger "you can do this by typing the following commands"
    logger "kinit [email protected]$"
    logger "samba-tool user create dhcpduser --random-password --description=\"Unprivileged user for DNS updates via ISC DHCP server\""
    logger "samba-tool user setexpiry dhcpduser --noexpiry"
    logger "samba-tool group addmembers DnsAdmins dhcpduser"
    exit 1
fi
# Check for Kerberos keytab
if [ !
authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack to complete the redirection).

Some people have mentioned that they think that bind messes up these files so that they are impossible to maintain.
I don’t think that they are that bad and personally I don’t have any problem editing them after bind has rewritten them.
But for me the dnssec-keygen would just halt without that parameter. But I didn’t want this and I’m not going to update these files that often that it matters to me. When using the dnssec-keygen to generate the secret key I passed it the parameter “-r /dev/urandom”.

So it looks like it will add new records but not update existing ones. I started wondering if this had something to do with installing the Pertino client on my DCs last Friday but am not sure.
This How To describes how to configure ISC DHCP to update a Samba DC BIND DNS backend.