The DN: DC=RootDNSServers,CN=MicrosoftDNS,DC=DomainDnsZones,DC=samdom,DC=example,DC=com is a dns zone, it has the objectclass 'dnsZone' Samba totally ignores this zone and you cannot update any of the zone records.
This is by design. Questions: * Do we want to override the root dns servers for BIND? * Does BIND allow root zone to be created dynamically?
The other potential use for this is if the internal dns server uses root servers for resolution.
Why would the internal (or Bind9) use the root dns servers ? The AD dns server is supposed to be authoritative for the AD domains, everything else is forwarded.
(In reply to Rowland Penny from comment #3) What potential use do you envisage for RootDNSServers zone?
(In reply to Amitay Isaacs from comment #4) I know I reported this bug, but it was after a discussion on the samba mailing list and now, after I have thought about it, perhaps we should just close it, a Samba AD DC has absolutely no reason to use the root dns servers. If anything, the root dns servers shouldn't be in AD, does Windows have them ?
(In reply to Rowland Penny from comment #5) As far as I remember, Windows DNS server is not just primary nameserver, but can also act as a resolver. So potentially it can use the RootDNSServers zone to consult the top-level (.) nameservers. Samba AD will only ever act as a primary nameserver for the listed domains, so I think we can close this defect.
Closing bug report, not valid.