[Samba] Samba 4 AD DC and BIND
Michael Leone
turgon at mike-leone.com
Sun Mar 17 15:14:09 MDT 2013
On Sun, Mar 17, 2013 at 5:10 PM, Thomas Simmons <twsnnva at gmail.com> wrote:
> Ideally you should not use the same domain name for your AD domain.
> Microsoft used to use "domain.local" for a default configuration, but this
> can cause problems with certain external services (Exchange/Office365 for
> example) and it also conflicts with some "local" Apple services if you have
> Macs on your networks. You could also purchase and use "domain.net" if it's
> available. Finally, what I did was use a sub-domain for AD (I used
> internal.domain.com but others use ad.domain.com, etc...) If you really
> must use your external FQDN, a split-dns setup (your last statement) is
> probably going to be your only option.
MS guidelines for AD domain names:
Naming conventions in Active Directory for computers, domains, sites, and OUs
< http://support.microsoft.com/kb/909264 >
>
> On Sun, Mar 17, 2013 at 3:57 PM, Gerry Reno <greno at verizon.net> wrote:
>
>> When you setup Samba 4 AD DC using BIND9_DLZ and your domain has external
>> servers (eg: www,mail) at external providers
>> this means that the ISP and the internal network nameservers will both
>> have SOA record for the domain.
>>
>> /etc/resolv.conf looks like this:
>>
>> domain company.com
>> nameserver 192.168.2.105
>>
>>
>> /etc/named.conf contains:
>>
>> forwarders { isp_nameservers; };
>> recursion yes;
>>
>> What is the preferred way to forward DNS requests to the ISP nameservers
>> in order to resolve the domain's external
>> servers without using BIND views?
>>
>> Right now, all of Samba 4 AD DC DNS is working with the exception of being
>> able to resolve the domain's external servers.
>>
>> One solution could be to dump all our domain records at the ISP and
>> duplicate them in the AD DNS Zone which seems
>> unnecessary.
>>
>> -Gerry
>>
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
--
2B || !2B
More information about the samba
mailing list