Secondary DNS AD Question

[pazza3564]

Sky isn't talking about the DNS Server on Untangle, just the DNS Server settings on the external (wan) nic. So on your dc, primary dns server is the dc, and then secondary dns to Untangle.

Then On Untangle, the ISP dns servers.

[sky-knight]

No I'm talking about both.

In AD environments I use the Untangle server's DNS feature. It's enabled, the AD servers are configured to forward requests to the Untangle server for processing.

The Untangle server forwards to the ISP's servers.

I do this specifically because I'm lazy and when the ISP wants to change numbers around all I have to do is change the settings on UT's external to redirect the entire network's DNS to new servers.

If my memory isn't completely whacked, Mark and Dirk don't like this approach because it's one more potential point of failure in the DNS chain. This is solid logic as well. I'm doing things my way because I have customers that like to switch ISPs relatively frequently, and my primary ISP has renumbered on me twice in the last year.

[opsin]

Everything went extremely well. This client will surely purchase the Standard Edition (35 users).

AD server has DNS running with Untangle as a forwarder (it also has DNS turned on).

Untangle Directory Connector has the IP address of the AD machine.

I setup a few quick policies as examples and showed them how they worked with explanations.

Thanks for all the help!

[Mathiau]

for me i have

UT --> DC1 / 8.8.8.8

2 DCs set up on my network (DC/DNS/AD)

DC 1
--- Self
--- DC 2
Forwarders --> Google and OpenDNS

DC -2
--Self
--Google
Forwarders --> OpenDNS / Google

been smooth so far, i skip my ISP DNS , seem too slow.