Wednesday, July 2, 2014

How to set up an Ubuntu Secondary (Slave) DNS Server as a Secondary DNS Server to your Windows Active Directory Environment

Recently I had a client ask me to configure an Ubuntu server as a secondary DNS server to their AD environment to give a remote office local DNS. Here is how I did it:

sudo apt-get install bind9

cd /etc/bind
sudo nano named.conf.local

     zone "domain.local" IN {
             type slave;
             file "/var/cache/bind/domain.local.db";   // Ubuntu's AppArmor profile lets named write here
             allow-transfer { 192.168.0.0/16; };       // who may pull the zone from this secondary; narrow to specific hosts if nothing needs it
             allow-notify { 192.168.2.97; };           // accept NOTIFY (zone changed) only from the DC
             check-names ignore;                       // AD zones contain names that fail BIND's hostname syntax check
             masters { 192.168.2.97; };                // the DC this secondary transfers the zone from
     };

     zone "2.168.192.in-addr.arpa" IN {
             type slave;
             file "/var/cache/bind/2.168.192.db";
             allow-transfer { 192.168.0.0/16; };
             allow-notify { 192.168.2.97; };
             masters { 192.168.2.97; };
     };

(Note: Replace domain.local with your AD domain, replace 192.168.0.0/16 with your internal IP subnet, and replace 192.168.2.97 with the internal DC that you want to transfer DNS from.)

sudo nano named.conf.options

     // these statements go inside the existing options { ... }; block
     allow-query { any; };
     allow-recursion { any; };      // answers recursive queries for any client; restrict to your internal subnet if this box is reachable from outside

     forwarders {
             8.8.8.8;
             4.2.2.2;
     };

On your AD server, go into DNS, right click on the internal DNS zone, and add the IP of your Ubuntu box on the Zone Transfers tab. Do the same for the reverse zone.

Restart BIND:
sudo /etc/init.d/bind9 restart
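Added here as a worked example (not code from the original post): a small Python linter that parses the options and zone blocks shown above and flags the two settings a secondary server should tighten, open recursion and transfer ACLs that cover a whole network. The sample config inside it is constructed from the post's own snippets.

```python
# Added example (not from the original post): parse the BIND statements the
# post configures and flag the settings a secondary server should tighten.
import re
# Constructed sample built from the post's own named.conf snippets.
SAMPLE_CONF = """
options {
    allow-recursion { any; };
};
zone "domain.local" IN {
    type slave;
    allow-transfer { 192.168.0.0/16; };
    masters { 192.168.2.97; };
};
"""
HEAD_RE = re.compile(r'\b(options|zone\s+"([^"]+)"[^{]*?)\s*\{')  # block header
STMT_RE = re.compile(r'([\w-]+)\s+(\{[^}]*\}|[^;{]+)\s*;')        # one statement

def parse_statements(body):
    # Statement name -> list for "{ a; b; }" values, plain string otherwise.
    stmts = {}
    for key, val in STMT_RE.findall(' '.join(body.split())):
        if val.startswith('{'):
            stmts[key] = [v.strip() for v in val[1:-1].split(';') if v.strip()]
        else:
            stmts[key] = val.strip().strip('"')
    return stmts

def parse_blocks(text):
    # {'options': {...}, 'zone:<name>': {...}}; brace counting keeps nested ACL lists honest.
    blocks, pos = {}, 0
    while (m := HEAD_RE.search(text, pos)):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        name = 'options' if m.group(2) is None else 'zone:' + m.group(2)
        blocks[name] = parse_statements(text[m.end():i - 1])
        pos = i
    return blocks

def lint(text):
    # Findings a reviewer would raise; an empty list means nothing to fix.
    cfg, findings = parse_blocks(text), []
    if 'any' in cfg.get('options', {}).get('allow-recursion', []):
        findings.append('options: allow-recursion { any; } is an open resolver')
    for name, zone in cfg.items():
        acl = zone.get('allow-transfer', [])
        if any(e == 'any' or ('/' in e and not e.endswith('/32')) for e in acl):
            findings.append(name + ': allow-transfer permits a network range; '
                            'list only the hosts that must AXFR from this server')
    return findings
```

Run lint() over your real named.conf.local and named.conf.options after editing them; it reports nothing once recursion is limited to the internal subnet and allow-transfer names specific hosts (or is removed from a secondary that nobody transfers from).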

That's it!!!