DNS forwarding

Grant Taylor gtaylor at tnetconsulting.net
Mon May 22 14:46:59 UTC 2017


On 05/22/2017 07:16 AM, Barry S. Finkel wrote:
> Maybe I am misinterpreting the problem.  When I was managing a mixed
> AD-BIND DNS scenario, ALL of the computers used the BIND servers for
> their DNS resolution; none used the AD servers.  But I had all of the
> AD zones slaved on my BIND servers, so there was no need for any machine
> to use the AD servers for DNS resolution.  The AD servers had only
> the AD zones, so if any machine queried the AD server for a non-AD zone,
> the request would have been forwarded to the BIND servers anyway.

Could your AD clients still reach the AD DNS servers?  (It sounds like 
they could.)

It's been my experience that AD clients still want to reach the master 
name server (in the SOA record) to do Dynamic DNS updates.

(I've also successfully forced those through a BIND secondary configured 
to forward the dynamic updates to the AD master.)



-- 
Grant. . . .
unix || die
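
The setup mentioned in the last paragraph above, sketched as an added example (not part of the original message and not the poster's own configuration): a BIND secondary for an AD zone that relays dynamic updates to the AD master. The zone name, addresses and file name are assumed placeholders.

```conf
// Constructed example; zone name, addresses and file name are placeholders.
acl ad-clients { 192.0.2.0/24; };          // subnets holding domain-joined hosts

zone "ad.example.com" {
    type slave;
    masters { 198.51.100.10; };            // AD DNS server named in the SOA MNAME
    file "slaves/ad.example.com.db";

    // Accept UPDATE messages from these clients and relay them to the master.
    // Keep this list narrow: the master sees the relayed update arriving from
    // this server's address, so IP-based update ACLs on the master no longer
    // distinguish individual clients.
    allow-update-forwarding { ad-clients; };
};
```

Without allow-update-forwarding, a secondary does not relay updates, so whether they are accepted is still decided by the master's own update policy.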
