From 4f5791ebd03eaec1c7da0865a383175b05102712 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 5 May 2024 19:47:29 +0200 Subject: Adding upstream version 2:4.17.12+dfsg. Signed-off-by: Daniel Baumann --- source4/setup/named.conf | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 source4/setup/named.conf (limited to 'source4/setup/named.conf') diff --git a/source4/setup/named.conf b/source4/setup/named.conf new file mode 100644 index 0000000..a36f781 --- /dev/null +++ b/source4/setup/named.conf @@ -0,0 +1,39 @@ +# This file should be included in your main BIND configuration file +# +# For example with +# include "${NAMED_CONF}"; + +zone "${DNSDOMAIN}." IN { + type master; + file "${ZONE_FILE}"; + /* + * the list of principals and what they can change is created + * dynamically by Samba, based on the membership of the domain controllers + * group. The provision just creates this file as an empty file. + */ + include "${NAMED_CONF_UPDATE}"; + + /* we need to use check-names ignore so _msdcs A records can be created */ + check-names ignore; +}; + +# The reverse zone configuration is optional. The following example assumes a +# subnet of 192.168.123.0/24: + +/* +zone "123.168.192.in-addr.arpa" in { + type master; + file "123.168.192.in-addr.arpa.zone"; + update-policy { + grant ${REALM_WC} wildcard *.123.168.192.in-addr.arpa. PTR; + }; +}; +*/ + +# Note that the reverse zone file is not created during the provision process. + +# The most recent BIND versions (9.8 or later) support secure GSS-TSIG +# updates. If you are running an earlier version of BIND, or if you do not wish +# to use secure GSS-TSIG updates, you may remove the update-policy sections in +# both examples above. + -- cgit v1.2.3