Hello guys, thanks for all the answers!!! I was provisioning the AD in the wrong way. As we have our main DNS and it is authoritative for our domain "example.com" I needed to create a subdomain "sandom.example.com" so that AD DNS would be authoritative only for "samdom".
Now everything is working properly. Thank you all!!! On Mon, May 22, 2017 at 11:46 AM, Grant Taylor via bind-users < bind-users@lists.isc.org> wrote: > On 05/22/2017 07:16 AM, Barry S. Finkel wrote: > >> Maybe I am misinterpreting the problem. When I was managing a mixed >> AD-BIND DNS scenario, ALL of the computers used the BIND servers for >> their DNS resolution; none used the AD servers. But I had all of the >> AD zones slaved on my BIND servers, so there was no need for any machine >> to use the AD servers for DNS resolution. The AD servers had only >> the AD zones, so if any machine queried the AD server for a non-AD zone, >> the request would have been forwarded to the BIND servers anyway. >> > > Could your AD clients still reach the AD DNS servers? (It sounds like > they could.) > > It's been my experience that AD clients still want to reach the master > name server (in the SOA record) to do Dynamic DNS updates. > > (I've also successfully forced those through a BIND secondary configured > to forward the dynamic updates to the AD master.) > > > > > -- > Grant. . . . > unix || die > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to > unsubscribe from this list > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > -- Elias Pereira
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
