Difference between revisions of "Cool Solution - DNS-Forwarding and subdomains"

From Univention Wiki

Jump to: navigation, search
m (minor additions)
Line 40: Line 40:
  service bind9 restart
  service bind9 restart
The default log is the syslog.
The default log is the syslog.
= Further Reading =
* [http://answers.oreilly.com/topic/194-how-to-configure-a-name-server-to-forward-some-queries-to-other-name-servers/ How to configure a name server to forward some queries to other name servers]

Revision as of 10:10, 28 October 2014

Produktlogo UCS Version 3.2

Note: Cool Solutions are articles documenting additional functionality based on Univention products. Not all of the shown steps in the article are covered by Univention Support. For questions about your support coverage contact your contact person at Univention before you want to implement one of the shown steps.

Also regard the legal notes at Terms of Service.

This article describes briefly how you can set up Forward Zones and subdomains on the Univention Corporate Server (UCS) with Samba 4.


  • UCS DC Master
  • Samba 4 as DNS-Backend

To determine whether Samba 4 is the DNS-Backend run:

ucr get dns/backend

The output should be "samba4"

Forward Zones

This is useful when only a specific domain name (e.g. domain.tld) needs to be forwarded to other DNS server (e.g. To set up Forward Zones add it in the configuration in /etc/bind/local.conf.samba4

zone "domain.tld" {
  type forward;
  forwarders {; };


Another case is when a subdomain (e.g. sub.domain.tld) is managed by another server (e.g. For "forwarding" to subdomains the normal zones statement can be used:

zone "sub.domain.tld" {
      type slave;
      masters {; };
      forwarders {};

The empty list: forwarders {} means (global) forwarders are disable for the slave subdomain.


For debugging purpose set a higher debug level with:

ucr set dns/debug/level=<LEVEL>

Where <LEVEL> could be some value between 0 and 11. If needed, increase the debug level of the Samba4 module as well:

ucr set dns/dlz/debug/level=<LEVEL>

Restart bind with:

service bind9 restart

The default log is the syslog.

Personal tools