Getting BIND to work with an AD hosted DNS domain
vinny at tellurian.com
Fri Jun 16 15:32:18 UTC 2006
At 09:39 AM 6/16/2006, Mark Drummond wrote:
>My Sun servers were all configured to use a BIND based DNS service
>running on some of my Sun boxes. The DNS domain used is my company's
>official domain name which for arguments sake we call "myco.com".
>Recently the Windows folks completed a migration to AD, and with that
>they implemented an AD based DNS service. On the brilliant
>recommendation of some consultants, rather than using "myco.com" the AD
>folks set up "myco.corp".
>My problem is, my laptop needs to be in myco.corp to function properly
>in the AD domain (things like connecting to Exchange), but at the same
>time I still need to be able to resolve myco.com to work with my Sun
>I'm sure there is probably some way to configure my workstation to
>handle this, but I would prefer a more elegant server side solution.
>What I would like is the following:
>* Manually configure my laptop to reference the DNS service on my Sun
>systems so I can resolve myco.com. (Done.)
>* Have the DNS service on my Sun boxes forward requests for myco.corp to
>the AD servers.
>* And have DNS requests for everything else forwarded to our external
>DNS servers, which are currently hosted by our service provider.
>I'm not completely sure how to implement this. I've been
>using/configuring BIND for many years, but never really had to do much
>more than very basic configs.
>Any pointers are greatly appreciated!
You're best bet for consistency is to make it so both the Windows and
Sun DNS servers are aware of the opposing domains in some way.
Typically you can just do conditional forwarding to achieve this so
requests for just that domain are forwarded to the server you know
that hosts them. Assuming these boxes are also the recursive DNS
servers your clients point to, that would enable it so either sets of
resolvers you use would enable you to resolve the opposing domain on
the other DNS servers.
vinny at tellurian.com
(973)300-9211 x 125
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A
Tellurian Networks - The Ultimate Internet Connection
"Courage is resistance to fear, mastery of fear - not absence of
fear" -- Mark Twain
More information about the bind-users