
I have an Active Directory Server for a domain (let's say, domain.com) that is also a public domain with public DNS records (let's say, using GoDaddy's DNS).

How would I set it up so that if a specific record is not present in the local DNS (e.g. mail.domain.com) it would then look it up in the public DNS? I have already setup DNS Forwarders, but that doesn't seem to affect this scenario.

William

It's too late now, but this is one of the reasons that Microsoft recommends not using your public domain name as your Active Directory domain name. Have a scroll through [Windows Active Directory naming best practices](https://serverfault.com/q/76715/7709). – Mark Henderson Nov 21 '17 at 13:43

2 Answers

AFAIK, it isn't possible. If the AD DNS server is authoritative for the zone then it's... authoritative for the zone. It isn't going to forward queries that resolve to NXDOMAIN to another DNS server.

joeqwerty

What if I set up a new subdomain zone and put the nameserver as the public nameserver (GoDaddy's)? – William Nov 21 '17 at 13:43

If you have only a few external servers in the domain, you can set up a stub subdomain for each one in your local DNS (see: https://technet.microsoft.com/en-us/library/cc754190(v=ws.11).aspx).

These stub domains contain only NS records for GoDaddy (or whomever), not A or CNAME.

E.g.:

```
DOMAIN.COM
    SOA...
    NS dc1.domain.com, <local IP>...
    A  localServer, <local IP>...
EXTERNAL.DOMAIN.COM
    SOA ...
    NS cns1.godaddy.com
```

Bob Hyman
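The per-host setup the answer above describes, written out as an added PowerShell example (not the answer's own code) for the DNS Server module on the DC: the records it writes are the NS-only child entries shown in the answer's listing, which Windows calls a zone delegation rather than a stub zone. `dc1.domain.com`, `mail`, `www`, `cns1.godaddy.com` and the glue address are placeholders taken from or assumed for the thread; substitute the NS names and addresses from the real public zone.

```powershell
# Added example (not from the answer): on the AD DNS server that is
# authoritative for domain.com, delegate only the names that exist solely in
# the public zone to GoDaddy's name servers, then verify the result.
# The DC stays authoritative for everything else in domain.com, so names that
# are not listed here still return NXDOMAIN locally.
$parentZone = 'domain.com'
$publicNs   = 'cns1.godaddy.com'   # NS host from the answer's listing (placeholder)
$publicNsIp = '203.0.113.53'       # placeholder glue address (TEST-NET-3 range)

# One delegation per external host, as the answer suggests (e.g. mail, www).
$externalHosts = @('mail', 'www')

foreach ($child in $externalHosts) {
    $existing = Get-DnsServerZoneDelegation -Name $parentZone -ChildZoneName $child `
        -ErrorAction SilentlyContinue
    if (-not $existing) {
        # Writes NS records for <child>.domain.com plus glue into the parent zone.
        # The public server, being authoritative for domain.com, answers the
        # query for mail.domain.com itself; no separate child zone is needed there.
        Add-DnsServerZoneDelegation -Name $parentZone -ChildZoneName $child `
            -NameServer $publicNs -IPAddress $publicNsIp
    }
}

# Check 1: the parent zone now carries NS records for each delegated name.
Get-DnsServerResourceRecord -ZoneName $parentZone -RRType NS |
    Where-Object HostName -in $externalHosts

# Check 2: asking the DC for a delegated name is answered via the public
# servers instead of NXDOMAIN. This needs recursion enabled on the DC
# (the default); inspect it with Get-DnsServerRecursion.
foreach ($child in $externalHosts) {
    Resolve-DnsName -Name "$child.$parentZone" -Server 'dc1.domain.com' -Type A
}
```

Re-run the two checks after any change to the public zone's NS records, since stale glue in the delegation silently turns the delegated names back into resolution failures.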