[Samba] Samba 4 AD DC and BIND

Thomas Simmons twsnnva at gmail.com
Sun Mar 17 15:10:47 MDT 2013


Ideally you should not use the same domain name for your AD domain.
Microsoft used to use "domain.local" for a default configuration, but this
can cause problems with certain external services (Exchange/Office365 for
example) and it also conflicts with some "local" Apple services if you have
Macs on your networks. You could also purchase and use "domain.net" if it's
available. Finally, what I did was use a sub-domain for AD (I used
internal.domain.com but others use ad.domain.com, etc.). If you really
must use your external FQDN, a split-DNS setup (your last statement) is
probably going to be your only option.

On Sun, Mar 17, 2013 at 3:57 PM, Gerry Reno <greno at verizon.net> wrote:

> When you set up Samba 4 AD DC using BIND9_DLZ and your domain has external
> servers (e.g. www, mail) at external providers,
> this means that the ISP and the internal network nameservers will both
> have an SOA record for the domain.
>
> /etc/resolv.conf looks like this:
>
>     domain company.com
>     nameserver 192.168.2.105
>
>
> /etc/named.conf contains:
>
>     forwarders  { isp_nameservers; };
>     recursion   yes;
>
> What is the preferred way to forward DNS requests to the ISP nameservers
> in order to resolve the domain's external
> servers without using BIND views?
>
> Right now, all of Samba 4 AD DC DNS is working with the exception of being
> able to resolve the domain's external servers.
>
> One solution could be to dump all our domain records at the ISP and
> duplicate them in the AD DNS Zone which seems
> unnecessary.
>
> -Gerry