active directory, bind9, windows dns - TOGETHER
Chris Buxton
cbuxton at menandmice.com
Thu Sep 21 21:06:11 UTC 2006
This is not an easy task. I'm just going to give an overview here of
one way to solve the problem - there may be other approaches that
meet your criteria.
What is the name of your AD domain? If it's network.prv, you'll need
to do some fancy footwork to delegate just the parts necessary for AD
to the DC. It's doable - instead of one delegation or stub zone, you
would need 6. The subzones are _udp, _tcp, _sites, _msdcs,
DomainDnsZones, and ForestDnsZones. You should also create an A
record named network.prv pointing to your DC.
If your AD domain is something else, you won't need to do all that.
Just make sure the BIND server can find that zone using either a
delegation or a stub zone.
Create the necessary delegation(s) or stub zone(s) in the BIND server
pointing to the DC. Make sure that the BIND server is not forwarding
when asked anything ending in the name of your AD domain - you want
it to be able to perform recursion internally and find data from the DC.
Configure any DHCP server to perform both forward and reverse dynamic
DNS updates to register leases in DNS. This way, client machines
won't be doing that. Make sure the DHCP server is configured to send
DNS queries to MS DNS, so that it also sends updates there.
Configure MS DNS to forward all unknown queries to the BIND server.
No changes are required on the client machines.
Chris Buxton
Men & Mice
Take control of your network
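The delegation variant of the steps above, written out for the network.prv case from the quoted message as an added example (not Chris's own configuration or Men & Mice material). It assumes the DC is the host 2k3 at 192.168.0.2 (as in the poster's reverse zone) and that the BIND options block carries a global forwarders list; if it does not, only the zone-file additions are needed.

```conf
; --- additions to db.network.prv (BIND stays authoritative for network.prv) ---
; Apex A record: AD clients look up the bare domain name and expect a DC.
@               A   192.168.0.2
; Delegate only the six AD-specific subzones to the DC. Glue for 2k3 is
; already in this zone, so the NS targets resolve without extra records.
_msdcs          NS  2k3
_sites          NS  2k3
_tcp            NS  2k3
_udp            NS  2k3
DomainDnsZones  NS  2k3
ForestDnsZones  NS  2k3

// --- named.conf: keep AD names off the global forwarders ---
// A forward zone with an empty forwarders list cancels the global
// "forwarders" from options for that name and everything under it, so
// BIND recurses internally and follows the delegations above to the DC
// instead of sending the query to the upstream forwarder.
zone "_msdcs.network.prv"         { type forward; forwarders { }; };
zone "_sites.network.prv"         { type forward; forwarders { }; };
zone "_tcp.network.prv"           { type forward; forwarders { }; };
zone "_udp.network.prv"           { type forward; forwarders { }; };
zone "DomainDnsZones.network.prv" { type forward; forwarders { }; };
zone "ForestDnsZones.network.prv" { type forward; forwarders { }; };
```

To check the result, run `dig @192.168.0.1 _ldap._tcp.dc._msdcs.network.prv SRV` from a client: the answer should list the DC's SRV record and come back without the aa flag, showing that BIND fetched it from the DC rather than answering from its own zone or a forwarder.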
On Sep 21, 2006, at 9:13 AM, jaro80 at gmail.com wrote:
> Hi All
>
> I have a local network. Clients use Windows XP; Linux Debian is my
> router, www and ftp server etc., and additionally a DNS cache server (192.168.0.1).
> I'd like to set up Active Directory in my network. I installed Windows 2003
> Server as PDC with DNS (192.168.0.2). So now I have two DNS servers.
>
> Bind works well, it resolves names like :
>
> john.network.prv - 192.168.0.10
> mark.network.prv - 192.168.0.11
> mat.network.prv - 192.168.0.12
> ...
>
> network.prv is my LOCAL domain, I don't have a public domain.
>
> I'd still like to use this server (bind) together with the DNS server from
> Windows 2003.
>
> How should I configure bind and Windows DNS? I don't want to change the
> client configuration (they use 192.168.0.1 (bind) as DNS).
>
>
> --------------
> my setup:
>
> ++++++++++++++++++++++++++++++++
> file db.network.prv
>
> $ORIGIN network.prv.
> $TTL 1D
> @ IN SOA deb hostmaster (
>     20060919    ; serial
>     8H          ; refresh
>     4H          ; retry
>     4W          ; expire
>     1D          ; negative caching TTL
> )
>
> NS deb
>
> deb A 192.168.0.1
> 2k3 A 192.168.0.2    ; Windows 2003 DC, matches "2 PTR 2k3" in the reverse zone
> john A 192.168.0.10
> mark A 192.168.0.11
> ..
> ++++++++++++++++++++++++++++++++
> file db.192.168.0:
>
> $ORIGIN 0.168.192.in-addr.arpa.
> $TTL 1D
>
> @ IN SOA deb.network.prv. hostmaster.network.prv. (
> 200609192
> 28800
> 14400
> 2419200
> 86400
> )
>
> @ NS deb.network.prv.
>
> 1 PTR deb.network.prv.
> 2 PTR 2k3.network.prv.
> 10 PTR john.network.prv.
> 11 PTR mark.network.prv.
> ..
> ++++++++++++++++++++++++++++++++
>
> --
> Best Regards
More information about the bind-users mailing list