BIND forward to Windows DNS

Barry Finkel b19141 at britaine.ctd.anl.gov
Mon Nov 12 15:27:51 UTC 2007


"Rutger Blom" <rutger.blom at svalov.se> wrote:

>Hello,
>
>We have a BIND server which is authoritative for zone "company.com". After some
>years we implemented Microsoft AD with its own DNS server in its own
>zone "ad.company.com". The Microsoft server is authoritative for
>"ad.company.com".
>
>Now we want clients that have the BIND server as their configured DNS
>server to be able to resolve hosts in the "ad.company.com" zone. I
>thought this was done by configuring a forward zone "ad.company.com" on the BIND
>server, alternatively use the "forwarders" option. However, neither of these methods seems to work.
>
>Is there something I am missing here?

There are at least two solutions.  The one I would recommend is to
have your BIND servers slave all of the AD zones.  That way, your
customers who use BIND as their DNS will get the answers to their
queries without having to have their queries sent to another DNS
server.  One word of caution - you need to configure your AD DNS
to allow zone transfers, and, if you have MS DNS Servers on multiple
Domain Controllers (AD-integrated zones with multi-master), choose
ONLY ONE server to be the master for the BIND slaves.  You probably
will need to put the BIND slave servers into the AD zones in NS
records.  For more details, check the archives of this list.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: BSFinkel at anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994
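
The slave setup recommended in the reply above could look like this in named.conf on the BIND server. This is an added example, not part of the original post: the address 192.0.2.10 (a documentation-range placeholder for the one Domain Controller chosen as master), the file path and the allow-transfer restriction are assumptions.

```conf
// named.conf fragment on the BIND server that is authoritative for company.com.
// Added example; addresses and paths are placeholders, not values from the post.

// The single AD DNS server chosen as master for the BIND slaves.
// With AD-integrated multi-master zones, list ONLY ONE Domain Controller here.
masters ad-master {
    192.0.2.10;                     // placeholder address
};

zone "ad.company.com" {
    type slave;
    masters { ad-master; };
    file "slaves/ad.company.com.db"; // assumed path, must be writable by named

    // Assumption: do not re-export the AD zone from this slave.
    // AD zones list every domain controller and service record,
    // so transfers should go only to servers that need them.
    allow-transfer { none; };
};

// Each further AD zone to be slaved gets its own stanza of the same shape,
// pointing at the same single master.
```

On the Windows side, the AD DNS server must allow zone transfers for the zone; restricting them to the addresses of the BIND slaves keeps the zone contents from being pulled by arbitrary hosts.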



More information about the bind-users mailing list