Gestione DNS con sambatool: Difference between revisions

From RVM Wiki
Jump to navigation Jump to search
VisualWikitext
Created page with "{{Stub}} * Per creare il PTR 192.168.1.7 -> metvirt06.ad.metrica.it samba-tool dns add metdc01 1.168.192.in-addr.arpa. 7 PTR metvirt06.ad.metrica.it. -U Administrator =Ri..."
 
mNo edit summary
 
Line 1: Line 1:
{{Stub}}
== Gestione record DNS ==
 
* Per creare il PTR 192.168.1.7 ->  metvirt06.ad.metrica.it
* Per creare il PTR 192.168.1.7 ->  metvirt06.ad.metrica.it


  samba-tool dns add metdc01 1.168.192.in-addr.arpa. 7 PTR metvirt06.ad.metrica.it. -U Administrator
  samba-tool dns add metdc01 1.168.192.in-addr.arpa. 7 PTR metvirt06.ad.metrica.it. -U Administrator


=Riferimenti=
==== Riferimenti ====
*[https://wiki.samba.org/index.php/DNS_Administration DNS Administration - SambaWiki]
*[https://wiki.samba.org/index.php/DNS_Administration DNS Administration - SambaWiki]
== Esportare una zona DNS ==
Usare lo script:<pre>
#!/bin/sh
#
# Extract DNS zone from Samba4 native DNS using samba-tool
#
# Prerequistes:
# samba krb5-workstation
SAMBA_TOOL=samba-tool
#kinit Administrator
#trap "kdestroy; rm -f $TMPFILE" 0 1 2 15
#klist
## -k=yes doesn't work...
## Using --password isn't secure.
USER=Administrator
echo -n "$USER password:" >&2; stty -echo; read PASS; stty echo; echo '' >&2
echo 'Please ignore "Cannot do GSSAPI to an IP address" errors...' >&2
## Extract zones
#  2 zone(s) found
#
#  pszZoneName                : a.example.or.jp
#  Flags                      : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
#  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
#  Version                    : 50
#  dwDpFlags                  : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
#  pszDpFqdn                  : DomainDnsZones.a.example.or.jp
#
#  pszZoneName                : _msdcs.a.example.or.jp
#  Flags                      : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
#  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
#  Version                    : 50
#  dwDpFlags                  : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
#  pszDpFqdn                  : ForestDnsZones.a.example.or.jp
#$SAMBA_TOOL dns zonelist localhost --kerberos=yes > $TMPFILE
ZONES=`$SAMBA_TOOL dns zonelist localhost -U "$USER" --password "$PASS" | awk '$1 ~ /pszZoneName/{print $3}'`
## queryzone $zone "ForestDnsZones"
queryzone () {
local zone="$1"
local entry="$2"
local qentry="$entry"
local name
local children
local lhs
test -z "$entry" && qentry="@"
$SAMBA_TOOL dns query localhost $zone "$qentry" ALL -U "$USER" --password "$PASS" |
#  Name=, Records=3, Children=0
#    SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
#    NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
#    A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
#  Name=_msdcs, Records=0, Children=0
#  Name=_sites, Records=0, Children=1
#  Name=_tcp, Records=0, Children=4
while read line; do
set $line
case "$1" in
    Name=*,)
name=`expr $1 : 'Name=\([^,]*\)*,'`
children=`expr $3 : 'Children=\([0-9]*\)'`
if [ $children -gt 0 ]; then
queryzone $zone $name${entry:+.}$entry
fi
if [ -z "$name" ]; then
if [ -z "$entry" ]; then
lhs="@"
else
lhs="${entry}"
fi
else
lhs="${name}${entry:+.}${entry}"
fi
;;
    SOA:)
#    SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
echo "$@" | sed -e 's/.*serial=\([0-9]*\), refresh=\([0-9]*\), retry=\([0-9]*\), expire=\([0-9]*\), minttl=\([0-9]*\), ns=\([^,]*\), email=\([^,]*\) (flags=.*, serial=[0-9]*, ttl=\([0-9]*\))/'"${name:-@}"' \8 IN SOA \6 \7 \1 \2 \3 \4 \5/'
;;
#    NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
#    A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
    NS:|A:)
echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \3 IN \1 \2/p'
;;
#    SRV: ad01.a.example.or.jp. (88, 0, 100) (flags=f0, serial=1, ttl=900)
    SRV:)
echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (\([0-9]*\), \([0-9]*\), \([0-9]*\)) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \6 IN \1 \4 \5 \3 \2/p'
;;
#    CNAME: ad01.a.example.or.jp. (flags=f0, serial=1, ttl=900)
    CNAME:)
echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"' \3 IN \1 \2/p'
;;
    *)
echo "ERROR unknown record type $1; aborting" >&2; exit 1
;;
esac
done
}
echo Zones: $ZONES >&2
for zone in $ZONES; do
echo '$ORIGIN' $zone
echo ''
queryzone $zone ""
echo ''
done ;# zone $ZONES
</pre>
==== Riferimenti ====
* [http://vega.pgw.jp/~kabe/vsd/samba4-dns/extract-zone.html Extract Zone information from Samba 4 native DNS using samba-tool]

Latest revision as of 09:36, 13 February 2024

Gestione record DNS

  • Per creare il PTR 192.168.1.7 -> metvirt06.ad.metrica.it
samba-tool dns add metdc01 1.168.192.in-addr.arpa. 7 PTR metvirt06.ad.metrica.it. -U Administrator

Riferimenti

Esportare una zona DNS

Usare lo script:

#!/bin/sh
#
# Extract DNS zone from Samba4 native DNS using samba-tool
#
# Prerequistes:
# samba krb5-workstation

SAMBA_TOOL=samba-tool

#kinit Administrator
#trap "kdestroy; rm -f $TMPFILE" 0 1 2 15
#klist
## -k=yes doesn't work...
## Using --password isn't secure.
USER=Administrator
echo -n "$USER password:" >&2; stty -echo; read PASS; stty echo; echo '' >&2
echo 'Please ignore "Cannot do GSSAPI to an IP address" errors...' >&2

## Extract zones
#  2 zone(s) found
#
#  pszZoneName                 : a.example.or.jp
#  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
#  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
#  Version                     : 50
#  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_DOMAIN_DEFAULT DNS_DP_ENLISTED
#  pszDpFqdn                   : DomainDnsZones.a.example.or.jp
#
#  pszZoneName                 : _msdcs.a.example.or.jp
#  Flags                       : DNS_RPC_ZONE_DSINTEGRATED DNS_RPC_ZONE_UPDATE_SECURE
#  ZoneType                    : DNS_ZONE_TYPE_PRIMARY
#  Version                     : 50
#  dwDpFlags                   : DNS_DP_AUTOCREATED DNS_DP_FOREST_DEFAULT DNS_DP_ENLISTED
#  pszDpFqdn                   : ForestDnsZones.a.example.or.jp

#$SAMBA_TOOL dns zonelist localhost --kerberos=yes > $TMPFILE
ZONES=`$SAMBA_TOOL dns zonelist localhost -U "$USER" --password "$PASS" | awk '$1 ~ /pszZoneName/{print $3}'`

## queryzone $zone "ForestDnsZones"
queryzone () {
	local zone="$1"
	local entry="$2"
	local qentry="$entry"
	local name
	local children
	local lhs
	test -z "$entry" && qentry="@"

	$SAMBA_TOOL dns query localhost $zone "$qentry" ALL -U "$USER" --password "$PASS" |
#  Name=, Records=3, Children=0
#    SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
#    NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
#    A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
#  Name=_msdcs, Records=0, Children=0
#  Name=_sites, Records=0, Children=1
#  Name=_tcp, Records=0, Children=4
	while read line; do
		set $line
		case "$1" in
		    Name=*,)
			name=`expr $1 : 'Name=\([^,]*\)*,'`
			children=`expr $3 : 'Children=\([0-9]*\)'`
			if [ $children -gt 0 ]; then
				queryzone $zone $name${entry:+.}$entry
			fi
			if [ -z "$name" ]; then
				if [ -z "$entry" ]; then
					lhs="@"
				else
					lhs="${entry}"
				fi
			else
				lhs="${name}${entry:+.}${entry}"
			fi
			;;
		    SOA:)
#    SOA: serial=1, refresh=900, retry=600, expire=86400, minttl=3600, ns=ad01.a.example.or.jp., email=hostmaster.a.example.or.jp. (flags=600000f0, serial=1, ttl=3600)
			echo "$@" | sed -e 's/.*serial=\([0-9]*\), refresh=\([0-9]*\), retry=\([0-9]*\), expire=\([0-9]*\), minttl=\([0-9]*\), ns=\([^,]*\), email=\([^,]*\) (flags=.*, serial=[0-9]*, ttl=\([0-9]*\))/'"${name:-@}"'	\8	IN SOA \6 \7 \1 \2 \3 \4 \5/'
			;;
#    NS: ad01.a.example.or.jp. (flags=600000f0, serial=1, ttl=900)
#    A: 100.64.96.31 (flags=600000f0, serial=1, ttl=900)
		    NS:|A:)
			echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"'	\3 IN \1	\2/p'
			;;
#    SRV: ad01.a.example.or.jp. (88, 0, 100) (flags=f0, serial=1, ttl=900)
		    SRV:)	
			echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (\([0-9]*\), \([0-9]*\), \([0-9]*\)) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"'	\6 IN \1	\4 \5 \3 \2/p'
			;;
#    CNAME: ad01.a.example.or.jp. (flags=f0, serial=1, ttl=900)
		    CNAME:)
			echo "$@" | sed -ne 's/\([^ ]*\): \([^ ]*\) (flags=[0-9a-f]*, serial=[0-9]*, ttl=\([0-9]*\)).*/'"${lhs}"'	\3 IN \1	\2/p'
			;;
		    *)
			echo "ERROR unknown record type $1; aborting" >&2; exit 1
			;;
		esac
	done
}

echo Zones: $ZONES >&2
for zone in $ZONES; do
	echo '$ORIGIN' $zone
	echo ''
	queryzone $zone ""
	echo ''
done ;# zone $ZONES

Riferimenti

Retrieved from "https://kb.rvmgroup.it/index.php?title=Gestione_DNS_con_sambatool&oldid=11091"