Working With Naming and Directory Services in Oracle Solaris 11.1     Oracle Solaris 11.1 Information Library

Administering DNS (Tasks)

The following tasks are documented:

How to Install the DNS Package

Normally, the DNS package is automatically installed with the Oracle Solaris release. If the package was not included when the server was installed, use the following procedure to install the package.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Install the DNS package.
    # pkg install pkg:/service/network/dns/bind

How to Configure a DNS Server


Note - Configuring named to specify a change root directory is not recommended. A more secure option is to create a Solaris Zone and configure named to run within that zone.


  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Create and verify a DNS configuration file.

    Before the named daemon will start, a valid configuration file must exist. The file is called /etc/named.conf by default. The configuration of named can be very simple. An empty file provides sufficient information to configure a caching-only server, assuming that the DNS root servers are accessible.

    # touch /etc/named.conf
    # named-checkconf -z /etc/named.conf
  3. (Optional) Create an rndc configuration file.

    This file is used to configure remote control access of the DNS server.

    # rndc-confgen -a
    wrote key file "/etc/rndc.key"
  4. (Optional) Change configuration information for the dns/server service.

    See How to Configure DNS Server Options.

  5. Start the DNS service.
    # svcadm enable network/dns/server

How to Create an rndc.conf File

The /etc/rndc.conf file is used to configure remote control access of the DNS server daemon, named, by using the rndc command. To create a default file, use the following procedure. Refer to the rndc.conf(4) man page for further options.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Create the rndc configuration file.
    # rndc-confgen -a
    wrote key file "/etc/rndc.key"
  3. Restart the DNS service.
    # svcadm restart dns/server:default

How to Configure DNS Server Options

This procedure explains how to select the IPv4 transport protocol for named traffic. See the named(1M) man page.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Change the configuration information for the dns/server service.
    # svccfg -s network/dns/server
    svc:/network/dns/server:default> setprop options/ip_interfaces = "IPv4"
    svc:/network/dns/server:default> quit
  3. Update the SMF repository and enable the DNS service.
    # svcadm refresh network/dns/server
    # svcadm enable network/dns/server

How to Run the DNS Service as an Alternative User

This procedure explains how to assign a user the relevant authorizations to manage the named daemon.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Add the user to the appropriate role.
    # usermod -A solaris.smf.manage.bind dnsadmin
  3. Set service properties for the user.
    # svccfg -s network/dns/server
    svc:/network/dns/server:default> setprop start/user = dnsadmin
    svc:/network/dns/server:default> setprop start/group = dnsadmin
    svc:/network/dns/server:default> exit
  4. Create a directory for a new process ID file.

    Because only root has write access to create the default process ID file, /var/run/named/named.pid, the named daemon must be configured to use an alternative file.

    # mkdir /var/named/tmp
    # chown dnsadmin /var/named/tmp
  5. Change the configuration to use the new directory.

    Add the following lines to the named.conf file:

    # head /etc/named.conf
    options {
    directory "/var/named";
    pid-file "/var/named/tmp/named.pid";
    };
  6. Update the SMF repository and restart the DNS service.
    # svcadm refresh svc:/network/dns/server:default
    # svcadm restart svc:/network/dns/server:default
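
After this procedure it is worth confirming that the service really starts as the unprivileged user and that the new process ID directory belongs to that user and cannot be written by any other account. The following check is an added example, not part of the Oracle documentation; the function names are hypothetical, and ownership and mode are read from `ls -ld`.

```sh
#!/bin/sh
# Added example, not Oracle's code: audit the non-root named setup.

# audit_start_user USER
# USER is the value of the start/user property. Fails when the property is
# empty or still names root.
audit_start_user() {
    case $1 in
        ''|root|0) echo "FAIL: start/user is unset or root"; return 1 ;;
    esac
    echo "OK: start/user is $1"
}

# audit_pid_dir DIR USER
# Passes only when DIR is a real directory, owned by USER, and not writable
# by group or other, so no other account can replace the pid file.
audit_pid_dir() {
    dir=$1
    user=$2
    # A symbolic link here would let the pid file land somewhere unexpected.
    if [ -h "$dir" ] || [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a plain directory"; return 1
    fi
    # ls -ld prints: mode, link count, owner, group, ...
    set -- $(ls -ld "$dir")
    mode=$1
    owner=$3
    if [ "$owner" != "$user" ]; then
        echo "FAIL: $dir is owned by $owner, expected $user"; return 1
    fi
    # Character 6 of the mode is group write, character 9 is other write.
    case $mode in
        ?????w*|????????w*)
            echo "FAIL: $dir mode $mode is writable beyond its owner"; return 1 ;;
    esac
    echo "OK: $dir ($mode, owner $owner)"
}

# On the server, with the values from the procedure above:
#   u=$(svcprop -p start/user svc:/network/dns/server:default)
#   audit_start_user "$u" && audit_pid_dir /var/named/tmp "$u"
```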

How to Enable a DNS Client

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Configure the DNS domain.

    First, list the domains to search and the IP addresses for the DNS name servers. Then, update the SMF repository.

    # svccfg -s network/dns/client
    svc:/network/dns/client> setprop config/search = astring: ("example.com" "sales.example.com")
    svc:/network/dns/client> setprop config/nameserver = net_address: (192.168.1.10 192.168.1.11)
    svc:/network/dns/client> select network/dns/client:default
    svc:/network/dns/client:default> refresh
    svc:/network/dns/client:default> quit
  3. Update name service switch information to use DNS.

    The first command updates the DNS configuration information in the SMF repository.

    # svccfg -s system/name-service/switch
    svc:/system/name-service/switch> setprop config/host = astring: "files dns"
    svc:/system/name-service/switch> select system/name-service/switch:default
    svc:/system/name-service/switch:default> refresh
    svc:/system/name-service/switch:default> quit
  4. Write the new information into the /etc/resolv.conf file.

    The /etc/resolv.conf file is still used by some processes, so after any change to the SMF repository that would change the contents of the file, the file should be recreated.

    # nscfg export svc:/network/dns/client:default
  5. Start the services needed to run the DNS client.
    # svcadm enable network/dns/client
    # svcadm enable system/name-service/switch
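
Because /etc/resolv.conf is rewritten only when `nscfg export` is run, the file can drift from the SMF properties set in step 2, and processes that read the file would then use different name servers than the rest of the system. The following comparison is an added example, not part of the Oracle documentation; the function names are hypothetical, the sample is constructed from the values in the procedure, and it assumes the `svcprop -p config network/dns/client` output has been saved in its "name type value..." layout.

```sh
#!/bin/sh
# Added example, not Oracle's code: detect drift between SMF and resolv.conf.

# Constructed sample in svcprop's "name type value..." layout.
sample_props() {
    cat <<'EOF'
config/search astring example.com sales.example.com
config/nameserver net_address 192.168.1.10 192.168.1.11
EOF
}

# expected_resolv PROPS: resolv.conf directives implied by the saved properties.
expected_resolv() {
    awk '
        $1 == "config/search"     { s = "search"; for (i = 3; i <= NF; i++) s = s " " $i }
        $1 == "config/nameserver" { for (i = 3; i <= NF; i++) n = n "nameserver " $i "\n" }
        END { if (s != "") print s; printf "%s", n }
    ' "$1"
}

# actual_resolv FILE: same normal form from a resolv.conf. Comments are
# dropped, the last search line wins, and nameserver order is preserved.
actual_resolv() {
    awk '
        $1 == "search"     { s = "search"; for (i = 2; i <= NF; i++) s = s " " $i }
        $1 == "nameserver" { n = n "nameserver " $2 "\n" }
        END { if (s != "") print s; printf "%s", n }
    ' "$1"
}

# resolv_in_sync PROPS FILE: 0 when both agree, 1 (with a report) on drift.
resolv_in_sync() {
    want=$(expected_resolv "$1")
    have=$(actual_resolv "$2")
    if [ "$want" != "$have" ]; then
        echo "DRIFT: SMF repository wants:"; echo "$want"
        echo "file contains:"; echo "$have"
        return 1
    fi
    echo "in sync"
}

# On the client:
#   svcprop -p config network/dns/client > /tmp/dns-client.props
#   resolv_in_sync /tmp/dns-client.props /etc/resolv.conf
```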

How to Troubleshoot DNS Server Startup Issues

Not all of these steps have to be followed. If you think you have found the problem in an early step, you can proceed to step 6 to get the service running properly.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Check the DNS service status.
    # svcs -x dns/server:default
    svc:/network/dns/server:default (BIND DNS server)
     State: online since Tue Oct 18 19:35:00 2011
       See: named(1M)
       See: /var/svc/log/network-dns-server:default.log
    Impact: None.
  3. Check the DNS service log file.
    # tail /var/svc/log/network-dns-server:default.log
  4. Check syslog messages.
    # grep named /var/adm/messages
  5. Start the named daemon manually.

    Running named in the foreground forces all logging to standard error so that it is easier to identify problems.

    # named -g
  6. After the issue has been fixed, clear the maintenance required state.
    # svcadm clear dns/server:default
    # svcs dns/server:default
    STATE          STIME    FMRI
    online         17:59:08 svc:/network/dns/server:default

How to Verify the DNS Configuration

When modifying the DNS configuration, you can verify the syntax of the /etc/named.conf file with the named-checkconf command.

  1. Become an administrator.

    For more information, see How to Use Your Assigned Administrative Rights in Oracle Solaris 11.1 Administration: Security Services.

  2. Change the configuration file, as needed.

    In this example, the default directory is changed.

    # echo 'options {directory "/var/named";};' > /etc/named.conf
  3. Verify the file contents.
    # named-checkconf
    /etc/named.conf:1: change directory to '/var/named' failed: file not found
    /etc/named.conf:1: parsing failed

    In this example, the check failed because the /var/named directory has not yet been created.

  4. Correct any errors reported.
    # mkdir /var/named
  5. Repeat steps 3 and 4 until no errors are reported.
  6. (Optional) To reflect the change in the running service, use one of the following methods:
    • Use the rndc command to update the configuration using the reload or reconfig option, depending on the changes made.
    • Restart the named service.
      # svcadm restart svc:/network/dns/server:default
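
The check-then-restart sequence in this procedure can be scripted so that a file that fails `named-checkconf` never reaches /etc/named.conf and the running server keeps its last working configuration. This is an added example, not part of the Oracle documentation; `install_named_conf`, the `CHECKCONF` and `RELOAD` variables, and the candidate path in the closing comment are hypothetical names.

```sh
#!/bin/sh
# Added example, not Oracle's code: install a named.conf only after it
# passes named-checkconf, keeping the previous file for rollback.
# CHECKCONF and RELOAD are hypothetical override hooks for this sketch.
CHECKCONF=${CHECKCONF:-named-checkconf}
RELOAD=${RELOAD:-"svcadm restart svc:/network/dns/server:default"}

# install_named_conf CANDIDATE TARGET
#   0 = candidate passed the check, was installed, service restarted
#   1 = candidate rejected by the checker, TARGET left untouched
#   2 = candidate unreadable, copy failed, or restart failed
install_named_conf() {
    candidate=$1
    target=$2
    [ -r "$candidate" ] || { echo "cannot read $candidate" >&2; return 2; }

    # named-checkconf prints file:line: messages and exits non-zero on error.
    if ! report=$($CHECKCONF "$candidate" 2>&1); then
        echo "rejected $candidate:" >&2
        echo "$report" >&2
        return 1
    fi

    # Keep the last known-good file so a bad restart can be rolled back.
    if [ -f "$target" ]; then
        cp -p "$target" "$target.prev" || return 2
    fi
    # Write beside the target, then rename, so named never reads a partial file.
    cp "$candidate" "$target.new" || return 2
    mv "$target.new" "$target" || return 2

    $RELOAD || return 2
}

# Typical call (the candidate path is a placeholder):
#   install_named_conf /var/tmp/named.conf.candidate /etc/named.conf
```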