On 31/03/16 18:21, John Drescher wrote:
>> Sounds like a strange policy, but do you mean you cannot have a dns server
>> that connects to the internet or just you cannot have a dns server ?
>>
> I can not have any of my linux machines connect in any way to the
> internet or the company servers. I could install a dns server with no
> forwarders as long as it is not on the company network.
This, in my opinion, gets madder & madder :-)
You can have Windows machines that connect to the internet and company
servers, but any Linux machines cannot. Why? And what happens if any of
the machines dual boot?
Just who thought that strange idea up and what is the justification?
>
>> If the former, you should be aware that you do not have to connect an AD
>> domain to the internet, you just need the dns server to find the other
>> domain machines and the DCs, or in other words, don't forward anything
>> outside the domain.
> So I can have the samba dns listed as a dns server on the clients on
> the private network nic and also the company dns servers listed on the
> company network nic? I thought that the dns lookup would look to the
> first dns server (and if it was the private samba dns server that did
> not forward) this would fail then the client machines would not be
> able to resolve any internet or company addresses.
>
> Thanks,
> John
How about some form of firewall device (ipcop, untangle etc) between
your company network and your private Linux network, i.e. your company
network is using 10.x.x.x and your Linux network could use 192.168.x.x.
Install a Samba 4 DC (or better 2) on the Linux network and connect all
your machines to that.
Rowland