Author Topic: Domain Controller Setup but keep DNS & DHCP in my router  (Read 2630 times)

tedp

  • Zen Apprentice
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
Domain Controller Setup but keep DNS & DHCP in my router
« on: February 03, 2015, 07:45:10 pm »
I'd like to set up a DC for my home network (latest Zentyal 4), but need to keep DNS and DHCP in my home router. Is there a proper Zentyal DNS config to support this? I tried setting up a forwarder in Zentyal to my home router, and also point to the Zentyal DNS server in my router config.

When I try to join the domain, I do get the user/password dialog box, but it then times out and complains that it cannot find the domain controller.

Thanks!
« Last Edit: February 03, 2015, 07:48:00 pm by tedp »

tose

  • Zen Apprentice
  • *
  • Posts: 23
  • Karma: +5/-0
    • View Profile
Re: Domain Controller Setup but keep DNS & DHCP in my router
« Reply #1 on: February 04, 2015, 11:57:09 pm »
My understanding is that the DC MUST be the authorative DNS server for the Zentyal Domain.

I have implemented a Zentyal 4 DC WITHOUT the DHCP Server module, and left the DHCP server for the LAN on my router. The key points to remember are:-

- Set your router IP address as a DNS Forwarder in the Zentyal DNS Module
- In your routers DHCP configuration, set the DNS Server scope option with the Zentyal DC's IP address as the primary DNS Server address to be leased to clients. (Check your client has the DC's IP address as it's Primary DNS Server address before attempting to join domain). I have also set my routers IP as a Secondary DNS Server scope option & domain joins work fine.
- If your router allows "DNS Overides" (I use pfSense) it may be useful to set the internal FQDN of the DC & it's IP address in a Host Overide entry.

One other thing that tripped me up was that I had to create a separate new Domain Admin account to use for domain joins. Using the account created during Zentyal install would not work for me for whatever reason.

Hope that helps.
« Last Edit: February 05, 2015, 12:04:04 am by tose »