From ad31e85feb8ee820909f11105e45ce9d02e98d11 Mon Sep 17 00:00:00 2001
From: Thorsten Spille
Date: Mon, 12 Apr 2021 22:35:03 +0200
Subject: [PATCH] Added ZMB_DNS_BACKEND to support native and bind9
---
 zamba.conf | 3 +++
 zamba.conf.md | 5 +++++
 zmb-ad.sh | 22 ++++++++++++++--------
 3 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/zamba.conf b/zamba.conf
index e1cd167..b20c49d 100644
--- a/zamba.conf
+++ b/zamba.conf
@@ -75,6 +75,9 @@ LXC_LOCALE="de_DE.utf8"
 ZMB_REALM="ZMB.ROCKS"
 ZMB_DOMAIN="ZMB"
+# Select the Zamba AD DNS backend, supported are INTERNAL_DNS or BIND9_DLZ
+ZMB_DNS_BACKEND="INTERNAL_DNS"
+
 # The Domain-Admin and password for zamba installation
 ZMB_ADMIN_USER="Administrator"
 ZMB_ADMIN_PASS="MYPASSWORD"
diff --git a/zamba.conf.md b/zamba.conf.md
index 0be2843..a9671ff 100644
--- a/zamba.conf.md
+++ b/zamba.conf.md
@@ -131,6 +131,11 @@ Defines the domain name in your Active Directory or Workgroup (AD DC, AD member,
 ```bash
 ZMB_DOMAIN="ZMB"
 ```
+### ZMB_DNS_BACKEND
+Defines the desired DNS server backend, supported are `INTERNAL_DNS` and `BIND9_DLZ` for more advanced usage
+```bash
+ZMB_DNS_BACKEND="INTERNAL_DNS"
+```
 ### ZMB_ADMIN_USER
 Defines the name of your domain administrator account (AD DC, AD member)
 ```bash
diff --git a/zmb-ad.sh b/zmb-ad.sh
index f46ab17..8c24d29 100644
--- a/zmb-ad.sh
+++ b/zmb-ad.sh
@@ -7,6 +7,10 @@
 source /root/zamba.conf
+if [[ $ZMB_DNS_BACKEND == "BIND9_DLZ" ]]; then
+ BINDNINE=bind9
+fi
+
 # Set Timezone
 ln -sf /usr/share/zoneinfo/$LXC_TIMEZONE /etc/localtime
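Review bot: `ZMB_DNS_BACKEND` is only compared against `BIND9_DLZ` in the zmb-ad.sh hunk at `-7,6 +7,10` and is never validated. A typo, a lowercase value or an unset variable therefore silently takes the no-bind path, while the raw string is still handed to `samba-tool` in the last hunk. Checking the value once, right after `source /root/zamba.conf`, and aborting on anything unsupported keeps package selection, bind configuration and provisioning in agreement. `BINDNINE` is also left unset on the internal path and later expanded unquoted in the `apt install` and `systemctl` lines, so initialising it to an empty string makes that intent explicit and survives `set -u`.

```shell
source /root/zamba.conf

# Fail early on an unsupported backend instead of provisioning a half-configured DC.
BINDNINE=""
case "$ZMB_DNS_BACKEND" in
  BIND9_DLZ) BINDNINE=bind9 ;;
  INTERNAL_DNS) ;;
  *)
    echo "Unsupported ZMB_DNS_BACKEND: '$ZMB_DNS_BACKEND'" >&2
    exit 1
    ;;
esac
```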
@@ -47,10 +51,11 @@ EOF
 apt update
 DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
 # install required packages
-DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" $LXC_TOOLSET acl attr ntpdate nginx-full rpl net-tools dnsutils ntp bind9 samba smbclient winbind libpam-winbind libnss-winbind krb5-user samba-dsdb-modules samba-vfs-modules lmdb-utils
+DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" $LXC_TOOLSET acl attr ntpdate nginx-full rpl net-tools dnsutils ntp samba smbclient winbind libpam-winbind libnss-winbind krb5-user samba-dsdb-modules samba-vfs-modules lmdb-utils $BINDNINE
-# configure bind dns service
-cat << EOF > /etc/default/bind9
+if [[ $ZMB_DNS_BACKEND == "BIND9_DLZ" ]]; then
+ # configure bind dns service
+ cat << EOF > /etc/default/bind9
 #
 # run resolvconf?
 RESOLVCONF=no
@@ -72,7 +77,7 @@ dlz "$LXC_DOMAIN" {
 };
 EOF
-cat << EOF > /etc/bind/named.conf.options
+ cat << EOF > /etc/bind/named.conf.options
 options {
 directory "/var/cache/bind";
@@ -92,7 +97,8 @@ options {
 };
 EOF
-mkdir -p /var/lib/samba/bind-dns/dns
+ mkdir -p /var/lib/samba/bind-dns/dns
+fi
 # stop + disable samba services and remove default config
 systemctl stop smbd nmbd winbind
@@ -103,12 +109,12 @@ rm -f /etc/krb5.conf
 source /root/zamba.conf
 # provision zamba domain
-samba-tool domain provision --use-rfc2307 --realm=$ZMB_REALM --domain=$ZMB_DOMAIN --adminpass=$ZMB_ADMIN_PASS --server-role=dc --backend-store=mdb --dns-backend=BIND9_DLZ
+samba-tool domain provision --use-rfc2307 --realm=$ZMB_REALM --domain=$ZMB_DOMAIN --adminpass=$ZMB_ADMIN_PASS --server-role=dc --backend-store=mdb --dns-backend=$ZMB_DNS_BACKEND
 ln -sf /var/lib/samba/private/krb5.conf /etc/krb5.conf
 systemctl unmask samba-ad-dc
-systemctl enable samba-ad-dc bind9
-systemctl restart samba-ad-dc bind9
+systemctl enable samba-ad-dc $BINDNINE
+systemctl restart samba-ad-dc $BINDNINE
 exit 0
\ No newline at end of file
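Review bot: `--dns-backend=$ZMB_DNS_BACKEND` passes the config value straight to `samba-tool`, but the default this patch ships is `INTERNAL_DNS`, whereas samba-tool names its built-in backend `SAMBA_INTERNAL` (its choices are `SAMBA_INTERNAL`, `BIND9_FLATFILE`, `BIND9_DLZ` and `NONE`). Provisioning with the shipped default would therefore most likely be rejected. Either rename the default to `SAMBA_INTERNAL` in `zamba.conf` and `zamba.conf.md`, or map it before this call. The expansions on the rewritten line are also unquoted, so a realm, domain or password containing spaces or glob characters is split or expanded; `--adminpass="$ZMB_ADMIN_PASS"` and `--dns-backend="$ZMB_DNS_BACKEND"` avoid that. Note that the admin password still ends up on the process command line, where other local users can read it while provisioning runs.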