Register on Windows DNS Without Joining Active Directory Domain
 

Can a Linux system use Samba to register on a Windows DNS without joining the Windows Active Directory domain?

If so, does this require the Windows DNS server to allow nonsecure dynamic updates? Or is there some way to pass credentials with the DNS registration even though the Linux client is not in an Active Directory domain?

Thanks in advance for any advice.

It is a good security practice to allow only secure dynamic updates on Windows domains. This means that the DNS server only accepts updates from machines that are members of the domain.

Accepting updates from machines that are not members of the domain is a big security risk. An administrative password is required to join a machine to a domain. This provides some level of control to ensure that only safe machines are updating DNS.

Is your Samba machine a server? Would it be okay to use a fixed address for it?

jamrock, Thanks for your reply.
>> It is a good security practice to allow only secure dynamic updates on Windows domains.

That makes sense. Is it possible for a Linux Samba client to register securely in Windows DNS without joining the Active Directory domain? I'm not sure how the credentials would be supplied or evaluated in that case.

>> Is your Samba machine a server? Would it be okay to use a fixed address for it?

We're talking about Linux systems that are running just a Samba client and need to register in Windows DNS.

Thanks, Joseph

I don't think it is even possible for Windows clients to do secure dynamic updates without being a part of the Windows domain.

I have never tried doing dynamic updates of Windows DNS with a Samba client.

Take a look at this document
http://technet.microsoft.com/en-us/l...8WS.10%29.aspx