Samba DNS Forwardert the long way to get things done

hucky · May 7, 2025, 10:54am

NethServer Version: 8
Hello again, i try to bring a dns forwarder into the great samba dns system. i tried it with
dns forwarder = 8.8.8.8 entry in the smb.conf but it is overwritten by restarting the system. How can i make it work?

Mastermind · May 7, 2025, 11:51am

Hi,
try to set it in the include.conf.
Hope this will help.
Regards

davidep · May 7, 2025, 1:36pm

I’m afraid we cannot customize dns forwarder option in include.conf because it is overridden by a command-line argument.

My question is why do it? The dns fowarder value reflects the node’s resolv.conf nameservers. If you want to use 8.8.8.8 as resolver, configure the node resolv.conf to use it and restart samba-dc with

runagent -m samba1 systemctl --user restart samba-dc

hucky · May 7, 2025, 1:52pm

Because the NS8 Samba DNS is crap, i need to forward it to a different DNS Server but if i bring up the other one first via DHCP to the clients, the active directory dont work properly. will try the edit the node resolv.conf now and check it out.

i edit the resolv.conf, this is now inside:
search ad.domain.de
nameserver 192.168.1.2
dns-forwarder 192.168.1.111 ← Pihole System
dns-forwarder 192.168.1.203 ← Firewall
but it seems not to work

davidep · May 7, 2025, 2:08pm

I often hear this kind of assertion

If you’re using NethSecurity or a similar network appliance as your network’s DNS forwarder, configure it to forward AD zone queries directly to the Samba container’s IP address. This ensures that DNS lookups for the Active Directory domain are resolved correctly by the authoritative server.

In dnsmasq terms, you’d configure it like this:

server=/ad.example.org/192.168.1.1

With a similar configuration, Samba is off-loaded from general DNS traffic and is queried only for the zone it is authoritative for.

Never ever mix distinct DNS forwarder/resolvers: they’ll give you back unpredictable replies.

I guess there’s an error with dns-forwarder lines. It should be nameserver instead.

Remove those lines and use a single nameserver:

nameserver 8.8.8.8

hucky · May 7, 2025, 2:20pm

no success with it. it seems if i edit the resolv.conf of the samba it turned back to the file like before without the new entrys, overwrite it during the samba restart