I’m Kiruthik Kumar (KK), and my blog is about all the random things that I spend my time on!

Use DNSMasq as DNS along with Windows Active Directory queries

· by Kiruthik Kumar · Read in about 3 min · (453 Words)
Active Directory DNSMasq DNS LDAP SRV Record RaspberryPi

I have Windows AD installed in my home network with one forest root domain (doco.kiruthik.com), and all my VMs (VHDX, mostly Windows 2012 R2) are members of that domain. One installation of that AD is on a physical drive and the other two are Hyper-V VMs. I rarely boot up the physical server (Windows 2012 R2 with AD) as a host, since I prefer Windows 10. I also have some 15+ VHDXs with SharePoint 2013 and 2016, with farm configurations including search, user profile sync, etc.

If a system or service wants to connect to the domain, it needs to locate the AD server through DNS, and I don’t want the DNS server that lives inside the AD to be the DNS server of my home network. I also have too many VHDXs, and I don’t want all of them pointing to the DNS server on the Windows server with AD, as its address might change and it is sometimes slow. These VHDXs also sometimes have DNS issues when the AD is in a VM, so the VMs couldn’t connect to the AD at times. My solution was to install a separate DNS server so that all the AD-related DNS queries are resolved reliably.

DNS Entries

These two articles (1 & 2) help if you want to understand the DNS records required for clients to talk to the AD server. Simply put, we need about a dozen DNS records for the clients to identify (locate) the domain controller.

So we need to create DNS entries for the LDAP, Kerberos and Global Catalog services of the domain controller so that the clients can reach them. We require a few A and CNAME records and roughly a dozen SRV records for those services. We also require a couple of GUIDs: the domain GUID and the DSA object GUID of the PDC server.

Find the GUIDs

  • For the domain GUID, just run the PS command shown below.
Domain GUID
  • For the DSA object GUID, it’s easier to navigate to the NTDS Settings: Active Directory Users and Computers > Domain Controllers > (choose the Primary Domain Controller in use), then right-click and open Properties.
Get the GUID for AD - NTDS Settings

Using DNSMasq in RaspberryPi

DNSMasq is a lightweight DNS and DHCP server for Linux, and it can be installed on a Pi. So I installed it on my Pi 3, and it is now the DNS and DHCP server on my home network. The Wi-Fi router points to this Pi as well.

Create DNS entries to add in the DNSMasq configuration file

Edit the DNSMasq configuration file and add the configuration entries according to your domain names and GUIDs.
$ sudo nano /etc/dnsmasq.conf

The text file for the configuration is here.

DNSMasq configuration
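As an added example (not the configuration file from the post), the shell function below prints the set of dnsmasq records a domain member needs to locate the domain controller: A records, the DSA GUID CNAME, and the LDAP, Global Catalog, Kerberos and kpasswd SRV records. The DC name, its address, the site name and both GUIDs are placeholders you must replace with your own; only the forest root domain name is the one named in the post.

```shell
#!/bin/sh
# Added example: emit dnsmasq records for locating an AD domain controller.
# Assumed values (not from the post): DC host "dc1" at 192.168.1.10, site
# "Default-First-Site-Name", and all-zero placeholder GUIDs.
gen_ad_dns() {
  domain=$1
  dc=$2
  ip=$3
  site=$4
  domguid=$5   # domain GUID (from the PowerShell command in the post)
  dsaguid=$6   # DSA object GUID of the DC (from NTDS Settings)
  fq="$dc.$domain"
  # A records: the DC itself, the domain apex, and the global catalog name
  printf 'host-record=%s,%s\n' "$fq" "$ip"
  printf 'host-record=%s,%s\n' "$domain" "$ip"
  printf 'host-record=gc._msdcs.%s,%s\n' "$domain" "$ip"
  # CNAME for the DSA object GUID. dnsmasq only accepts a cname target that it
  # serves itself, which the host-record for $fq above satisfies.
  printf 'cname=%s._msdcs.%s,%s\n' "$dsaguid" "$domain" "$fq"
  # srv-host=<service name>,<target>,<port>,<priority>,<weight>
  srv() { printf 'srv-host=%s.%s,%s,%s,0,100\n' "$1" "$domain" "$fq" "$2"; }
  # LDAP on 389, including the domain-GUID locator record
  for n in _ldap._tcp _ldap._tcp.dc._msdcs _ldap._tcp.pdc._msdcs \
           "_ldap._tcp.$site._sites" "_ldap._tcp.$site._sites.dc._msdcs" \
           "_ldap._tcp.$domguid.domains._msdcs"; do srv "$n" 389; done
  # Global Catalog on 3268
  for n in _gc._tcp "_gc._tcp.$site._sites" _ldap._tcp.gc._msdcs \
           "_ldap._tcp.$site._sites.gc._msdcs"; do srv "$n" 3268; done
  # Kerberos on 88 (TCP and UDP)
  for n in _kerberos._tcp _kerberos._udp _kerberos._tcp.dc._msdcs \
           "_kerberos._tcp.$site._sites" \
           "_kerberos._tcp.$site._sites.dc._msdcs"; do srv "$n" 88; done
  # Kerberos password change on 464
  for n in _kpasswd._tcp _kpasswd._udp; do srv "$n" 464; done
}

# Usage with the placeholder values; redirect the output into a file under
# /etc/dnsmasq.d/ or paste it into /etc/dnsmasq.conf, then restart dnsmasq.
gen_ad_dns doco.kiruthik.com dc1 192.168.1.10 Default-First-Site-Name \
  00000000-0000-0000-0000-000000000000 00000000-0000-0000-0000-000000000000
```

After restarting, `dig SRV _ldap._tcp.doco.kiruthik.com @<pi-address>` from a client should return the DC with port 389; if dnsmasq refuses to start, the most common cause is a cname whose target is not a name dnsmasq serves.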

Then restart the DNSMasq daemon!

$ sudo /etc/init.d/dnsmasq restart