diff --git a/dnsapi2.md b/dnsapi2.md
index 0cf6f6c..6486aec 100644
--- a/dnsapi2.md
+++ b/dnsapi2.md
@@ -82,6 +82,7 @@
 - [158. Use DNSExit API](#dns_dnsexit)
 - [159. Use Lima-City (Trafficplex)](#dns_limacity)
 - [160. Use  TencentCloud (DNSPod) API](#dns_tencent)
+- [161. Use Samba AD DC API](#dns_samba)
 - [Use custom API](#dns_myapi)
 - [Use lexicon DNS API](#dns_lexicon)
 
@@ -2042,6 +2043,39 @@ The login variables will be saved in `~/.acme.sh/account.conf` and will be reuse
 
 Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/4781)
 
+
+
+<a name="dns_samba"/>
+
+## 161. Use Samba AD DC
+
+This API requires you to have `samba-tool` available, you don't need the full samba installation on a remote machine (if the machine you use to generate the certificate isn't the same as the Samba AD DC). On Debian, you can get it with the `samba-common-bin` package.
+
+Then you need to provide the host, username and password of an administrator to change the DNS settings:
+
+```sh
+export SAMBA_HOST=dc1.example.com
+export SAMBA_USER=Administrator
+export SAMBA_PASS=MyAdminP@ssword
+```
+
+Then you can issue your certificates with:
+
+```sh
+./acme.sh --issue --dns dns_samba -d example.com -d *.example.com
+```
+
+Or even in 1 line:
+
+```sh
+SAMBA_HOST=dc1.example.com SAMBA_USER=Administrator SAMBA_PASS=MyAdminP@ssword ./acme.sh --issue --dns dns_samba -d example.com -d *.example.com
+```
+
+The `SAMBA_HOST`, `SAMBA_USER` and `SAMBA_PASS` settings will be saved in `~/.acme.sh/account.conf` and will be reused when needed.
+
+Report any bugs or issues [here](https://github.com/acmesh-official/acme.sh/issues/4852)
+
+
 <a name="dns_myapi"/>
 
 ## Use custom API