Weird Network Setup
At the moment we are working on providing support for proxy on Ubuntu One. In order to test this correctly I have been setting up a LAN in my office so that I can test as many scenarios as possible. One of those scenarios is the one in which the auth of the proxy uses Active Directory.
Because I use bind9 to set up one of my boxes for DNS, I had to dig out how to configure it to work with AD. In order to do that I did the following:
- Edited named.conf.local to add a subdomain for the AD machine:

      zone "ad.example.com" {
          type master;
          file "/etc/bind/db.ad.example.com";
          // allow the AD server (dc1, 192.168.1.103) to send dynamic updates
          allow-update { 192.168.1.103; };
      };

- Configured the subzone to work with AD.

      ;
      ; BIND data file for local loopback interface
      ;
      $TTL    604800
      @       IN      SOA     ad.example.com. root.ad.example.com. (
                                    2         ; Serial
                               604800         ; Refresh
                                86400         ; Retry
                              2419200         ; Expire
                               604800 )       ; Negative Cache TTL
      ;
      @       IN      NS      ad.marvel.
      @       IN      A       127.0.0.1
      @       IN      AAAA    ::1
      ;
      ; AD horrible domains
      ;
      dc1.ad.example.com.                        A      192.168.1.103
      _ldap._tcp.ad.example.com.                 SRV    0 0 389  dc1.ad.example.com.
      _kerberos._tcp.ad.example.com.             SRV    0 0 88   dc1.ad.example.com.
      _ldap._tcp.dc._msdcs.ad.example.com.       SRV    0 0 389  dc1.ad.example.com.
      _kerberos._tcp.dc._msdcs.ad.example.com.   SRV    0 0 88   dc1.ad.example.com.
      gc._msdcs.ad.example.com.                  SRV    0 0 3268 dc1.ad.example.com.

  Note: It is important to remember that the computer name of the server that has the AD role is dc1; if we used a different name we have to change the configuration accordingly.

- Restart the bind9 service:

      sudo /etc/init.d/bind9 restart

- Install the AD server and specify that you DO NOT want to set that server as a DNS server too.
- Set the AD server to use your Ubuntu with your bind9 as the DNS server.
There are lots of things missing if you wanted to use this as a setup for a corporate network, but it does the trick in my LAN since I do not have AD duplication or other fancy things. Maybe it is useful for your home, who knows.
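
A sanity check for the zone file above that can be run before restarting bind9, added here as an example and not code from the original post: it confirms that each SRV record the page lists is present with the expected port and that every SRV target has an A record in the same zone, which is what breaks when the domain controller is not named dc1. The function names and the simple one-record-per-line parser (explicit owner on every line) are assumptions of this example.

```python
# SRV owners (relative to the zone) and ports, as listed in the zone file above.
REQUIRED_SRV = {"_ldap._tcp": 389, "_kerberos._tcp": 88, "_ldap._tcp.dc._msdcs": 389,
                "_kerberos._tcp.dc._msdcs": 88, "gc._msdcs": 3268}

# AD records copied from the zone file above, embedded so the example runs offline.
SAMPLE_ZONE = """\
@ IN A 127.0.0.1
dc1.ad.example.com. A 192.168.1.103
_ldap._tcp.ad.example.com. SRV 0 0 389 dc1.ad.example.com.
_kerberos._tcp.ad.example.com. SRV 0 0 88 dc1.ad.example.com.
_ldap._tcp.dc._msdcs.ad.example.com. SRV 0 0 389 dc1.ad.example.com.
_kerberos._tcp.dc._msdcs.ad.example.com. SRV 0 0 88 dc1.ad.example.com.
gc._msdcs.ad.example.com. SRV 0 0 3268 dc1.ad.example.com.
"""

def fqdn(name, zone):
    """Expand '@' and relative names against the zone origin."""
    if name == "@":
        return zone
    return name.lower() if name.endswith(".") else f"{name.lower()}.{zone}"

def check_ad_zone(text, zone):
    """Return a list of problems; an empty list means the AD records are consistent."""
    zone = zone.lower().rstrip(".") + "."
    a_hosts, srv = set(), {}
    for line in text.splitlines():
        f = line.split(";", 1)[0].split()  # drop ';' comments, then tokenize
        # The record type follows the owner, optionally after a TTL and/or class.
        idx = next((i for i, t in enumerate(f) if i and t.upper() in ("A", "SRV")), None)
        if idx is None:
            continue  # SOA, NS, AAAA, directives and blank lines are not checked here
        owner, rdata = fqdn(f[0], zone), f[idx + 1:]
        if f[idx].upper() == "A" and len(rdata) == 1:
            a_hosts.add(owner)
        elif f[idx].upper() == "SRV" and len(rdata) == 4:  # priority weight port target
            srv.setdefault(owner, []).append((int(rdata[2]), fqdn(rdata[3], zone)))
    problems = []
    for label, port in REQUIRED_SRV.items():
        owner = f"{label}.{zone}"
        if owner not in srv:
            problems.append(f"missing SRV {owner}")
        for got, target in srv.get(owner, []):
            if got != port:
                problems.append(f"{owner}: port {got}, expected {port}")
            if target not in a_hosts:
                problems.append(f"{owner}: target {target} has no A record")
    return problems

if __name__ == "__main__":
    print(check_ad_zone(SAMPLE_ZONE, "ad.example.com") or "zone OK")
```

To check the real file, pass its contents, for example `check_ad_zone(open("/etc/bind/db.ad.example.com").read(), "ad.example.com")`.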




