Active Directory External DNS

DNS Aug 28, 2017

I often want to use Microsoft's Active Directory service alongside an existing DNS server. In my case it's usually pfSense but sometimes varies. Whenever I come around to setting it up again it takes me a while to find the TechNet article I need for reference.

These subdomains need delegating to your Active Directory server, which also needs the DNS role installed.

_tcp.<domain name>
_udp.<domain name>
_msdcs.<domain name>
_sites.<domain name>

It's quite straightforward to do this in pfSense.

  1. Open the DNS settings, Services -> DNS Resolver.
  2. Scroll down to the 'Domain Overrides' section at the bottom
  3. Create the overrides above, pointing to your AD server.

Other DNS services like BIND, you need to create some nameserver entries like these.

_msdcs.<domain name>.	IN	NS	<domain name>.
_tcp.<domain name>.	IN	NS	<domain name>.
_udp.<domain name>.	IN	NS	<domain name>.
_sites.<domain name>.	IN	NS	<domain name>.

Just for reference, here's the original TechNet link.

Tags

Jamie Scott

Recommended for you

No posts found

Apparently there are no posts at the moment, check again later.

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.