Sometimes you want a zone file of the DNS which Samba 4 Active Directory holds. But, Samba 4 AD native DNS server doesn't have zone transfer capability. You usually have to use BIND DNS backend for zone transfer.
But for one-off zone porting, you could extract the zone in zone info file format using the following tool, which uses samba-tool as a workhorse.
You usually don't have to update the extracted zone unless there was changes to domain controller's membership.
Download: extract_zone.sh
$ORIGIN a.example.or.jp @ 3600 IN SOA ad01.a.example.or.jp. hostmaster.a.example.or.jp. 1 900 600 86400 3600 @ 900 IN NS ad01.a.example.or.jp. @ 900 IN A 100.64.96.31 _kerberos._tcp.Default-First-Site-Name._sites 900 IN SRV 0 100 88 ad01.a.example.or.jp. _ldap._tcp.Default-First-Site-Name._sites 900 IN SRV 0 100 389 ad01.a.example.or.jp. _gc._tcp.Default-First-Site-Name._sites 900 IN SRV 0 100 3268 ad01.a.example.or.jp. _gc._tcp 900 IN SRV 0 100 3268 ad01.a.example.or.jp. _kerberos._tcp 900 IN SRV 0 100 88 ad01.a.example.or.jp. _kpasswd._tcp 900 IN SRV 0 100 464 ad01.a.example.or.jp. _ldap._tcp 900 IN SRV 0 100 389 ad01.a.example.or.jp. _kerberos._udp 900 IN SRV 0 100 88 ad01.a.example.or.jp. _kpasswd._udp 900 IN SRV 0 100 464 ad01.a.example.or.jp. ad01 900 IN A 100.64.96.31 DomainDnsZones 900 IN A 100.64.96.31 _ldap._tcp.Default-First-Site-Name._sites.DomainDnsZones 900 IN SRV 0 100 389 ad01.a.example.or.jp. _ldap._tcp.DomainDnsZones 900 IN SRV 0 100 389 ad01.a.example.or.jp. ForestDnsZones 900 IN A 100.64.96.31 _ldap._tcp.Default-First-Site-Name._sites.ForestDnsZones 900 IN SRV 0 100 389 ad01.a.example.or.jp. _ldap._tcp.ForestDnsZones 900 IN SRV 0 100 389 ad01.a.example.or.jp. $ORIGIN _msdcs.a.example.or.jp @ 3600 IN SOA ad01.a.example.or.jp. hostmaster.a.example.or.jp. 1 900 600 86400 3600 @ 900 IN NS ad01.a.example.or.jp. ccbbda29-6f7c-49f0-a0fc-bfe521959427 900 IN CNAME ad01.a.example.or.jp. _kerberos._tcp.Default-First-Site-Name._sites.dc 900 IN SRV 0 100 88 ad01.a.example.or.jp. _ldap._tcp.Default-First-Site-Name._sites.dc 900 IN SRV 0 100 389 ad01.a.example.or.jp. _kerberos._tcp.dc 900 IN SRV 0 100 88 ad01.a.example.or.jp. _ldap._tcp.dc 900 IN SRV 0 100 389 ad01.a.example.or.jp. _ldap._tcp.a9b45547-2022-42ae-90e3-7db74670cc19.domains 900 IN SRV 0 100 389 ad01.a.example.or.jp. gc 900 IN A 100.64.96.31 _ldap._tcp.Default-First-Site-Name._sites.gc 900 IN SRV 0 100 3268 ad01.a.example.or.jp. _ldap._tcp.gc 900 IN SRV 0 100 3268 ad01.a.example.or.jp. _ldap._tcp.pdc 900 IN SRV 0 100 389 ad01.a.example.or.jp.