[Samba] Member join, dns issues
Rowland Penny
rpenny at samba.org
Thu Feb 24 18:45:22 UTC 2022
On Thu, 2022-02-24 at 10:30 -0800, Greg Sloop <gregs--- via samba
wrote:
> They *are* the 3rd level domain masters.
>
> So they're authoritative for AD.SOMEDOMAIN.COM.
Good
>
> But we also have records in
> SOMEDOMAIN.COM, and the AD servers are NOT authoritative for that
> zone.
The AD DCs shouldn't be authoritative for anything outside the AD DNS
domain.
I presume that all the 'SOMEDOMAIN.COM' records have nothing to do with
your AD, if not, what are they?
>
> All DNS lookups will be to the BIND servers, not the AD servers - but
> we'll forward all queries for *.AD.SOMEDOMAIN.COM to the AD servers.
That is a good accepted practice.
>
> The IP blocks we use are not allocated-to/owned-by the AD servers.
> (And likely never will be.)
That could be a mistake, perhaps you should have used a different block
(10.0.0.0/24 instead of 192.168.1.0/24).
Rowland