I have a scenario at home where I moved the Windows Active Directory domain server (in Win 2012R2) configured in my home network to a virtual machine. Since DNS is also configured along with AD, all the VMs are dependent on it, which is what I wanted to separate.
The virtual machine with the AD server will host only the AD services, and DNS will be moved off to some other system.
I found these two articles (1 & 2) which explain the DNS entries required for AD to work properly. So I figured out that we need DNS entries for the LDAP, Kerberos and Global Catalog services on the domain server so that the clients can reach them. We require a few A & CNAME records and about a dozen SRV records for those services. We also require a couple of GUIDs: the domain GUID and the DSA object GUID of the PDC server.
Simply put, we need a dozen DNS records for the clients to identify (locate) the domain server.
Using DNSMasq on a Raspberry Pi
DNSMasq is a lightweight DNS & DHCP server for the Linux platform, and it can be installed on a Pi. So I installed it on my Pi3, and it is the DNS & DHCP server on my home network.
Create DNS entries to add in the DNSMasq configuration file
Edit the DNSMasq configuration file and add the configuration (entries) as per your domain names & GUIDs.
$ sudo nano /etc/dnsmasq.conf
The text file for the configuration is here. You may need to replace doco.kiruthik.com with your domain controller's forest name, and you have to find out the domain GUID & DSA object GUID.
Find the GUIDs
- For the domain GUID, just run the below PS command.
- And for the DSA object GUID, it's easier to traverse to the NTDS settings: Active Directory Users and Computers > Domain Controllers > (choose the Primary Domain Controller in use), then right-click for the properties.
Then restart the DNSMasq daemon!
$ sudo /etc/init.d/dnsmasq restart
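
The A, CNAME and SRV entries described above can be generated rather than typed by hand. The script below is an added example, not the configuration file linked from this post: it prints dnsmasq lines for the site-independent locator records of a single domain controller and rejects malformed GUIDs. The function names, domain, IP address and GUIDs are constructed placeholders, and the per-site (`._sites.`) records are left out.

```shell
#!/bin/sh
# Added example: print dnsmasq lines for the AD locator records of one DC.
# Function names and all sample values are hypothetical placeholders.

is_guid() {
    # Accept only the canonical 8-4-4-4-12 hex form, without braces.
    printf '%s\n' "$1" |
        grep -Eq '^[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}$'
}

ad_dnsmasq_records() {
    if [ "$#" -ne 5 ]; then
        echo "usage: ad_dnsmasq_records DOMAIN DC_FQDN DC_IP DOMAIN_GUID DSA_GUID" >&2
        return 2
    fi
    domain=$1 dc=$2 ip=$3 domain_guid=$4 dsa_guid=$5
    if ! is_guid "$domain_guid" || ! is_guid "$dsa_guid"; then
        echo "error: GUIDs must look like xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" >&2
        return 1
    fi

    # A records: the DC itself, the domain name, and the global catalog name.
    # The DC's host-record also gives the cname below a target dnsmasq knows.
    for name in "$dc" "$domain" "gc._msdcs.$domain"; do
        echo "host-record=$name,$ip"
    done
    # CNAME keyed by the DSA object GUID: <DSA GUID>._msdcs.<forest name>.
    echo "cname=$dsa_guid._msdcs.$domain,$dc"

    # SRV records written as "owner:port"; dnsmasq wants name,target,port.
    for rec in \
        "_ldap._tcp:389" "_ldap._tcp.dc._msdcs:389" "_ldap._tcp.pdc._msdcs:389" \
        "_ldap._tcp.$domain_guid.domains._msdcs:389" \
        "_ldap._tcp.gc._msdcs:3268" "_gc._tcp:3268" \
        "_kerberos._tcp:88" "_kerberos._udp:88" "_kerberos._tcp.dc._msdcs:88" \
        "_kpasswd._tcp:464" "_kpasswd._udp:464"
    do
        echo "srv-host=${rec%:*}.$domain,$dc,${rec#*:}"
    done
}

# Constructed sample values; replace with your own domain, DC and GUIDs.
ad_dnsmasq_records ad.example.test dc1.ad.example.test 192.0.2.10 \
    11111111-2222-3333-4444-555555555555 \
    aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
```

Review the printed lines before appending them to /etc/dnsmasq.conf, then restart the daemon as shown above.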