[Dnsmasq-discuss] dnsmasq with Active Directory
wkitty42 at gmail.com
wkitty42 at gmail.com
Sat Nov 11 15:15:35 UTC 2023
On 11/10/23 3:57 PM, Matus UHLAR - fantomas wrote:
> On 10.11.23 13:41, Rick Gutierrez wrote:
>> Hi list, A few days ago I configured dnsmasq so that my internal users
>> would use it as the main DNS, but I have some problems, if I try to
>> connect a PC with Windows to the active directory it cannot do so.
>
> AFAIK Active Directory requires/includes DNS and if you use AD, you should use
> AD's DNS servers.
this ^^^
when we used AD, we configured it to pass external DNS lookups to dnsmasq
sitting on the perimeter... the AD handled everything inside and dnsmasq handled
all the external lookups... all internal machines looked to the AD for
everything and had no idea about dnsmasq...
> If dnsmasq forwards all requests to AD servers, it COULD work, but
> why to have dnsmasq then?
>
> there are still requests that can be changed/responded by dnsmasq, which may
> cause your troubles.
>
>> my Active Directory is windows server 2019 and it is my main dns, for
>> computers with windows 10/11.
>>
>> This is the configuration for dnsmasq to work with active directory:
>>
>> more /etc/dnsmasq.d/ad2019.domain.conf
>>
>> # forward lookups
>> server=/ad2019.domain.com/172.16.8.32
>>
>> # PTR/reverse lookups
>> server=/16.172.in-addr.arpa/172.16.8.32
>> server=/17.172.in-addr.arpa/172.16.8.32
>> server=/168.192.in-addr.arpa/172.16.8.32
>>
>> ip active directory: 172.16.8.32
>>
>> config of file dnsmasq.conf
>>
>> local=/domain.com
>> domain=domain.com
>>
>> any help or experience in this scenario?
>
>
--
NOTE: No off-list assistance is given without prior approval.
*Please keep mailing list traffic on the list unless*
*a signed and pre-paid contract is in effect with us.*
More information about the Dnsmasq-discuss
mailing list