[Pdns-users] PowerDNS and Active Directory

Ciro Iriarte cyruspy at gmail.com
Thu Jan 15 13:09:46 UTC 2015


2015-01-15 0:37 GMT-03:00 NewWorld <cyreli at hotmail.com>:

> I'd like to know if it is possible to use PowerDNS with Active Directory
>
> I need to build a new Microsoft Active Directory domain, but I also would
> like to use our current PowerDNS infrastructure instead of using the
> Microsoft DNS server.
>
> I'm using PowerDNS 3.3, when I promote my Domain Controller (without
> installing DNS on it) and then point this Domain Controller to use PowerDNS,
> the promotion works, but the domain controller fails to register its DNS
> entry in the zone.
>
> My Domain Controller is named: DC1.myzone.com
> PowerDNS is Master on these zones:
> myzone.com      [Required]
> _msdcs.myzone.com       [Optional]
> _sites.myzone.com       [Optional]
> _tcp.myzone.com [Optional]
> _udp.myzone.com [Optional]
>
>
> Do I need to configure something in the pdns.conf file, so the DC can
> register itself?
>
>
>
Hmm, why would you do that? AD is a combination of various standard
services (Kerberos, LDAP, DNS, etc.) with some magical proprietary glue. You
can try, but that probably won't end well. For example, when you add nodes
to AD, the AD server should automatically add them to the DNS zone, and
there are some special entries that manage the services, which are
automatically managed on AD server promotion/demotion.

If you already have an internal authoritative server, used for example for
Unix/Linux boxes, you're better off creating a different subdomain for AD.
If you use Kerberos, for example, with that environment, this will allow you
to set up an external trust relationship between those domains. Keep in mind
that only one of the two can be authoritative for reverse resolution of each
subnet.

If you want to have only one domain and you don't have any integrated
services like Kerberos that depend on it, you'll probably be better served
moving everything to AD and leaving pdns for public (Internet) services.

Regards,


-- 
Ciro Iriarte
http://iriarte.it
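
Added example, not part of the original message and not PowerDNS or Microsoft code: the reply mentions special service entries that a DC manages at promotion, and this Python script audits a zone export for the locator records the first DC of a new domain normally registers (the names follow the DC's netlogon.dns file). The site name, the one-record-per-line input format and the sample zone are assumptions constructed for illustration.

```python
import re

def expected_records(domain, dc_host, site):
    """(owner, type) pairs the first DC of a new domain normally registers."""
    srv = ["_ldap._tcp", "_ldap._tcp.dc._msdcs", "_ldap._tcp.pdc._msdcs",
           f"_ldap._tcp.{site}._sites", "_kerberos._tcp", "_kerberos._udp",
           "_kerberos._tcp.dc._msdcs", "_kpasswd._tcp", "_kpasswd._udp"]
    return [(dc_host.lower(), "A")] + [(f"{s}.{domain}".lower(), "SRV") for s in srv]

def parse_zone(text):
    """Map (owner, type) -> list of rdata strings from master-file style lines."""
    records = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # drop comments
        m = re.match(r"(\S+)\s+(?:\d+\s+)?(?:IN\s+)?(A|SRV|CNAME)\s+(.+)$",
                     line, re.I)
        if m:
            owner = m.group(1).rstrip(".").lower()
            records.setdefault((owner, m.group(2).upper()), []).append(m.group(3).strip())
    return records

def audit(zone_text, domain, dc_host, site):
    """Return (owner, type, problem) for missing or mis-targeted records."""
    zone = parse_zone(zone_text)
    problems = []
    for owner, rtype in expected_records(domain, dc_host, site):
        rdata = zone.get((owner, rtype), [])
        # The SRV target is the last rdata field (priority weight port target).
        targets = {r.split()[-1].rstrip(".").lower() for r in rdata}
        if not rdata:
            problems.append((owner, rtype, "missing"))
        elif rtype == "SRV" and dc_host.lower() not in targets:
            problems.append((owner, rtype, f"no target {dc_host}"))
    return problems

# Constructed sample zone data, not taken from the thread.
SAMPLE_ZONE = """
dc1.myzone.com.                   3600 IN A   192.0.2.10
_ldap._tcp.myzone.com.            600  IN SRV 0 100 389 dc1.myzone.com.
_kerberos._tcp.myzone.com.        600  IN SRV 0 100 88  olddc.myzone.com.
_ldap._tcp.dc._msdcs.myzone.com.  600  IN SRV 0 100 389 dc1.myzone.com.
"""

if __name__ == "__main__":
    # "Default-First-Site-Name" is the assumed (default) AD site name.
    for p in audit(SAMPLE_ZONE, "myzone.com", "dc1.myzone.com",
                   "Default-First-Site-Name"):
        print(*p)
```

Records reported as missing here are the ones a DC would try to add through dynamic DNS updates, so the list shows what has to be created by hand if the authoritative server does not accept them.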