Примечание
/etc/bind/options.conf
:
options { forwarders { 8.8.8.8; }; };
/etc/bind/options.conf
:
zone "trust.dom" in { type forward; forwarders { 10.64.224.10; }; };
Таблица 5.2. Исходные данные
|
Имя домена
|
Контроллер домена
|
IP-адрес
|
ОС контроллера домена
|
Версия Samba
|
---|---|---|---|---|---|
Домен Linux
|
TEST.ALT
|
dc1.test.alt
|
192.168.0.122
|
ALT Server 10.2
|
4.19.6
|
Домен Linux
|
EXAMPLE.ALT
|
s1.example.alt
|
192.168.0.172
|
ALT Server 10.2
|
4.19.6
|
Выделенный DNS-сервер
|
|
|
192.168.0.150
|
ALT Server 10.2
|
|
/etc/bind/options.conf
:
zone "example.alt" { type forward; forwarders { 192.168.0.172; }; };
zone "test.alt" { type forward; forwarders { 192.168.0.122; }; };
# systemctl restart bind.service
Примечание
/etc/bind/options.conf
в секцию options
добавить параметр:
dnssec-validation no;И перезапустить службу DNS:
# systemctl restart bind.service
/etc/samba/smb.conf
(в параметре dns forwarder
). Например:
dns forwarder = 192.168.0.150 8.8.8.8
# systemctl restart samba
/etc/bind/options.conf
:
options
добавить параметр:
dnssec-validation no;
/etc/bind/options.conf
(или /etc/bind/ddns.conf
) добавить информацию о зонах:
zone "example.alt" { type forward; forwarders { 192.168.0.172; }; }; zone "test.alt" { type forward; forwarders { 192.168.0.122; }; };
# systemctl restart bind.service
#host -t srv _kerberos._tcp.example.alt
_kerberos._tcp.example.alt has SRV record 0 100 88 s1.example.alt. #host -t srv _kerberos._tcp.test.alt
_kerberos._tcp.test.alt has SRV record 0 100 88 dc1.test.alt.
#host -t srv _kerberos._tcp.example.alt
_kerberos._tcp.example.alt has SRV record 0 100 88 s1.example.alt. #host -t srv _kerberos._tcp.test.alt
_kerberos._tcp.test.alt has SRV record 0 100 88 dc1.test.alt.
#kinit administrator@EXAMPLE.ALT
Password for administrator@EXAMPLE.ALT: #klist
Ticket cache: KEYRING:persistent:0:krb_ccache_eFyZ8Tr Default principal: administrator@EXAMPLE.ALT Valid starting Expires Service principal 27.03.2024 14:14:36 28.03.2024 00:14:36 krbtgt/TEST.ALT@TEST.ALT renew until 28.03.2024 14:14:32
#kinit administrator@TEST.ALT
Password for administrator@TEST.ALT: #klist
Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator@TEST.ALT Valid starting Expires Service principal 27.03.2024 15:17:50 28.03.2024 01:17:50 krbtgt/TEST.ALT@TEST.ALT renew until 28.03.2024 15:17:46
Важно