CentOS 7.1503 installed.
Installed Samba 4 from sernet: Version 4.1.17-SerNet-RedHat-11.el7 (to be configured).

Problem:

The samba wiki Readme First page states, "Some distributions like . . . Red Hat Enterprise Linux (and clones), ship BIND9 packages with disabled GSS-SPNEGO option, which is required for signed DNS updates when using BIND as DNS backend on your Samba DC. This circumstance requires to self compile BIND9."

Is there any way to use a yum command to install Bind9 with gss-spnego enabled?

I'm worried about installing from source and creating future problems when trying to update other CentOS packages that may be affected by the source install of Bind9. Is it safe to obtain a bind9 source tarball for install on an rpm-based CentOS 7 server?

If anyone has installed Bind for use with Samba 4 on CentOS 7, please let me know what worked.

Thanks for your time and patience.

Based on assistance received on the CentOS mailing list, it appears the Samba Wiki Readme First page needs to be updated since the 7.1503 release.

I installed bind-9.9.4 package from the CentOS repo. --- latest ver. available as of 04/16/2015.

named -V on the installed package produces:
Apparently, the problem in the kerberos libraries was resolved and gss now functions in coordination with kerberos without the need for compiling in support for spnego.
"It wasn't the bind package directly but rather an issue with the libkrb5 libraries."

The breakage issue and bug are explained here:
https://bugzilla.redhat.com/show_bug.cgi?id=1087068