Windows AD with external DNS

windows domain-name-system active-directory

How do I configure Windows AD to use an external DNS server? We have a tool for managing DNS. We're attempting to use Windows AD for authentication. In order to get a server to join the domain, we must point it to the AD server as DNS. However, in so doing, the server that is pointed to the AD server for DNS can no longer resolve hostnames in our environment.

We're using example.com for our login domain across the environment. All of our servers are servername.subdomain.example.com.

When I join servername1.subdomain.example.com to the domain it can no longer resolve servername2.subdomain.example.com, unless I manually add the DNS entry for servername2.subdomain.example.com do the DNS on the AD server.

We don't want to have to create two DNS entries for everything so we need the AD server to look at the external DNS server for DNS.

I attempted to create a Forward Lookup Stub zone for subdomain.example.com but when I get to the "Specify the DNS servers from which you want to load the zone" and enter my dns server I get an error when attempting to validate: "An unknown error occurred"

Attempting to add a new delegation under my existing example.com domain is bet with the same error when adding DNS servers.

Admittedly, I'm not a Windows Admin and my understanding of AD is superficial at best, but it seems like what I'm asking for should be relatively simple... I'm just looking for a recursive lookup on hostnames from the domain controller.

Any pointers in the right direction are greatly appreciated.


Solution 1:

However, in so doing, the server that is pointed to the AD server for DNS can no longer resolve hostnames in our environment.

If that's the problem, why not set up a forwarder in AD to your desired DNS server? Open the DNS mmc snap-in on your AD server, right click on the server name (not the zone or any of the folders) and choose "Properties". This will open a dialog window that include a tab labeled "Forwarders" where you can add the IP address of your desired DNS server and set the lookup order.

Related

Checking the issued and expiry dates for the certificates involved a certificate chain
When does a windows client notice that certificate is revoked?
Can two users on an 802.11n network with WPA/WPA2 intercept each other's traffic?
Create a /tmp partition that uses filesystem type of tmpfs in kickstart?
Kubernetes ingress 502 bad gateway on DigitalOcean
Postfix cannot load Certification Authority data error
Setting up Rsnapshot for casual manual backup?
WSUS is downloading hundreds of old declined updates
Allow a div to cover the whole page instead of the area within the container
ORA-28040: No matching authentication protocol exception
Python: call a function from string name [duplicate]
Inheriting class methods from modules / mixins in Ruby