I have an environment where Active Directory Domain Controllers host their own DNS domains (as is common).
However, we are trying to separate DNS and host it on a standalone server (to eventually move to Linux BIND, but for now just the decoupling).
I have tested this in a lab environment but can't get the decoupling to work.
Step One – Basic Setup
- Create an AD zone "mylab.com"
- Add a domain controller "server1.mylab.com"
- AD can update the domain perfectly fine
Step Two – Move out DNS zone
- Backup and delete the entire zone "mylab.com"
- Create a Conditional Forwarder for "mylab.com" pointing to standalone DNS server
- Manually create a new zone "mylab.com" on the standalone DNS server
- Allow Insecure Updates on the standalone server
(On BIND it would be an 'allow-update' ACL.)
Step Three – Test DNS Updates from AD to Standalone
- Restart NetLogon Service
This should trigger the DC to create all the AD-related DNS records in "mylab.com" hosted on the new standalone DNS server.
But I don't see any attempts at DNS updates in the standalone DNS server logs.
(I do see DNS queries coming in from the DC, but no updates.)
Best Answer
I don't see any mention of updating the name server records. The link below describes the process, which involves a DNS zone transfer.
https://community.spiceworks.com/topic/2266049-migrating-from-windows-dns-to-bind-dns-on-linux
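A check that ties the Step Two/Three procedure above to the answer's point about name server records, added here as an example and not part of the original thread: a Windows DNS client sends its dynamic updates to the server named in the zone's SOA MNAME (falling back to the NS set), so this script parses `dig` output for the zone and flags an SOA or NS set that still names the DC. The zone and server names are assumptions.

```python
# Added example (not from the original post): check where dynamic updates for
# a zone will go. A Windows DNS client sends RFC 2136 updates to the server in
# the zone's SOA MNAME, falling back to the NS set; after moving the zone both
# should name the standalone server. Zone/server names are assumptions.
import subprocess

def parse_answer_section(text):
    """Parse `dig +noall +answer` output into (owner, type, rdata) tuples."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 5 or parts[0].startswith(";"):
            continue  # skip comments and blank/short lines
        owner, _ttl, _cls, rtype, *rdata = parts
        records.append((owner.rstrip(".").lower(), rtype.upper(), rdata))
    return records

def check_update_target(records, zone, expected_master):
    """Return problems found; an empty list means updates for zone reach expected_master."""
    zone, expected = zone.rstrip(".").lower(), expected_master.rstrip(".").lower()
    problems = []
    soa = [r for o, t, r in records if o == zone and t == "SOA"]
    ns = {r[0].rstrip(".").lower() for o, t, r in records if o == zone and t == "NS"}
    if not soa:
        problems.append("no SOA record for zone %s" % zone)
    elif soa[0][0].rstrip(".").lower() != expected:
        problems.append("SOA MNAME is %s; updates will be sent there" % soa[0][0])
    if not ns:
        problems.append("no NS records for zone %s" % zone)
    elif expected not in ns:
        problems.append("%s is not in the NS set %s" % (expected, sorted(ns)))
    return problems

def query_zone(zone, server):
    """Fetch the zone's SOA and NS records from `server` with dig (live query)."""
    out = ""
    for rtype in ("SOA", "NS"):
        out += subprocess.run(["dig", "@" + server, zone, rtype, "+noall", "+answer"],
                              capture_output=True, text=True, check=True).stdout
    return parse_answer_section(out)

# Constructed sample: zone recreated on ns1 (the standalone server), but the SOA
# still names the DC as primary, so updates would go to a server without the zone.
SAMPLE = """\
mylab.com.  3600  IN  SOA  server1.mylab.com. hostmaster.mylab.com. 1 900 600 86400 3600
mylab.com.  3600  IN  NS   ns1.mylab.com.
"""
if __name__ == "__main__":
    for problem in check_update_target(parse_answer_section(SAMPLE), "mylab.com", "ns1.mylab.com"):
        print("WARN:", problem)
```

Run `query_zone("mylab.com", "<standalone-ip>")` from the DC's point of view (through its forwarder as well as directly) and pass the result to `check_update_target` to see which server the DC will actually target.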