blob: 6e69f59d17b18812a05c456bee6633eba218b906 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
# This file should be included in your main BIND configuration file
#
# For example with
# include "${NAMED_CONF}";
zone "${DNSDOMAIN}." IN {
type master;
file "${ZONE_FILE}";
/*
* the list of principals and what they can change is created
* dynamically by Samba, based on the membership of the domain controllers
* group. The provision just creates this file as an empty file.
*/
include "${NAMED_CONF_UPDATE}";
/* we need to use check-names ignore so _msdcs A records can be created */
check-names ignore;
};
# The reverse zone configuration is optional. The following example assumes a
# subnet of 192.168.123.0/24:
/*
zone "123.168.192.in-addr.arpa" in {
type master;
file "123.168.192.in-addr.arpa.zone";
update-policy {
grant ${REALM_WC} wildcard *.123.168.192.in-addr.arpa. PTR;
};
};
*/
# Note that the reverse zone file is not created during the provision process.
# The most recent BIND versions (9.7.2 or later) support secure GSS-TSIG
# updates. If you are running an earlier version of BIND, or if you do not wish
# to use secure GSS-TSIG updates, you may remove the update-policy sections in
# both examples above.
|