Best practice response policy zone with Samba4 domain

UCS - Univention Corporate Server
, ,
#1

Hi all!

Is there a default way or a best practice with UCS as a Samba4 DC (i.e. BIND’s RRs come from Samba4) if you want to configure a “repsonse policy zone” with BIND in order to override certain RRs from external zones (i.e. not wthin UCS’ domain zone)? I think we’re talking about the files /etc/bind/local-predlz.conf.samba4 and /etc/bind/local.conf.samba4/etc/bind/local.conf.samba4. Is one preferable over the other? If so, why?

Best regards, Valentin

#2

Hey,

if all you’re dealing with are records outside of the zones that UCS itself manages, then either file should work just fine. The only difference is when they’re included from the main file, named.conf.samba4. I’m actually not sure what possible scenarios are that require settings to be applied before the Samba DLZ module/database is loaded… But like I said, that shouldn’t make a difference regarding out-of-zone entries.

Kind regards,
mosu

Mastodon