Installing and configuring Hybrid DNS
Tranquil IT recommends using both the Samba-AD internal DNS server and Bind. The Samba-AD internal DNS server will handle internal queries, while Bind will manage external ones. This configuration uses few resources and benefits from the caching functionality provided by Bind.

Install the Bind package:
    yum install bind bind-utils
Modify the options section of the file /etc/named.conf (remember to modify the forwarder):

    options {
        directory "/var/named";
        // Example forwarder:
        forwarders { 1.1.1.1; };
        allow-query { any; };
        dnssec-validation no;
        minimal-responses yes;
        auth-nxdomain no;    # conform to RFC1035
        listen-on-v6 port 5353 { ::1; };
        listen-on port 5353 { 127.0.0.1; };
    };
If needed, you can set a forwarder for a specific zone by modifying the local section of the file /etc/named.conf:

    zone "myforwardedzone.lan" {
        type forward;
        forward only;
        forwarders { 192.168.50.10; };
    };
Disable IPv6 bind on the local network in /etc/sysconfig/named:

    # startup options for the server
    OPTIONS="-4"
In /etc/samba/smb.conf, add the following line:

    [global]
    ...
    dns forwarder = 127.0.0.1:5353
Finally, restart the samba and named services:

    systemctl restart samba
    systemctl restart named
Ensuring the correct configuration of Bind
Ensure that the Bind server is listening on port 5353:

    netstat -tapn | grep 5353
    tcp        0      0 127.0.0.1:5353      0.0.0.0:*      LISTEN      5291/named
Test local and recursive queries:

    dig @localhost google.fr
    dig @localhost srvads.mydomain.lan
    dig -t SRV @localhost _ldap._tcp.mydomain.lan
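The following script is an added example, not part of the original documentation or Tranquil IT's code. It statically checks the two properties this setup relies on: named is bound only to loopback (the options block sets allow-query { any; }, so the listen-on lines are what limit who can reach it), and the dns forwarder in smb.conf points at an address and port that named explicitly listens on. The function names and the named_open.conf variant are constructed for illustration, and only IPv4 forwarders are assumed.

```bash
# Added example: static consistency check for the hybrid DNS setup (not Tranquil IT code).
# named_listeners prints "address port" per listen-on entry; /* */ comments are not handled.
named_listeners() {
    sed -e 's|//.*||' -e 's|#.*||' "$1" | tr '\n' ' ' |
    grep -oE 'listen-on(-v6)?([[:space:]]+port[[:space:]]+[0-9]+)?[[:space:]]*[{][^}]*[}]' |
    awk '{ port = 53   # BIND default when the statement names no port
           for (i = 1; i < NF; i++) if ($i == "port") port = $(i + 1) + 0
           body = $0; sub(/^[^{]*[{]/, "", body); sub(/[}].*$/, "", body)
           n = split(body, a, ";")
           for (i = 1; i <= n; i++) { gsub(/[ \t]/, "", a[i]); if (a[i] != "") print a[i], port } }'
}
# smb_forwarder prints the first "dns forwarder" value as ip:port (":53" if no port given).
smb_forwarder() {
    sed -nE 's/^[[:space:]]*dns forwarder[[:space:]]*=[[:space:]]*([^[:space:]]+).*/\1/p' "$1" |
    sed -e '/:/!s/$/:53/' -e 1q
}
# check_hybrid_dns NAMED_CONF SMB_CONF: returns 0 only if every listener is loopback
# and the Samba forwarder matches an explicit listener.
check_hybrid_dns() {
    chk_rc=0
    chk_listeners=$(named_listeners "$1")
    chk_fwd=$(smb_forwarder "$2")
    [ -n "$chk_listeners" ] || { echo "FAIL: no listen-on statement in $1"; chk_rc=1; }
    for chk_l in $(printf '%s\n' "$chk_listeners" | tr ' ' ','); do
        case "${chk_l%,*}" in
            127.0.0.1|::1) ;;
            *) echo "FAIL: named listens on non-loopback address ${chk_l%,*}"; chk_rc=1 ;;
        esac
    done
    printf '%s\n' "$chk_listeners" | grep -qxF -e "${chk_fwd%:*} ${chk_fwd##*:}" ||
        { echo "FAIL: forwarder '$chk_fwd' has no explicit listen-on entry"; chk_rc=1; }
    return "$chk_rc"
}
# Constructed samples: the page's settings, plus a variant that listens on "any".
write_samples() {
    cat > "$1/named.conf" <<'EOF'
options {
    allow-query { any; };
    listen-on-v6 port 5353 { ::1; };
    listen-on port 5353 { 127.0.0.1; };
};
EOF
    sed 's/{ 127.0.0.1; }/{ any; }/' "$1/named.conf" > "$1/named_open.conf"
    printf '[global]\n    dns forwarder = 127.0.0.1:5353\n' > "$1/smb.conf"
}
demo_dir=$(mktemp -d) && write_samples "$demo_dir"
check_hybrid_dns "$demo_dir/named.conf" "$demo_dir/smb.conf" && echo "OK: page configuration"
check_hybrid_dns "$demo_dir/named_open.conf" "$demo_dir/smb.conf" || echo "named_open.conf rejected"
rm -rf "$demo_dir"
```

On a real server, call check_hybrid_dns /etc/named.conf /etc/samba/smb.conf before restarting the services.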
Congratulations, your configuration is moving forward and you have just taken another step towards the solidity and efficacy of your Samba-AD installation.
Now, we will configure the NTP service so that your Samba-AD server and the workstations on your network all have the correct, synchronized time!