Cool Solution - DNS-Forwarding and subdomains

Revision as of 17:51, 22 April 2014
This article describes briefly how you can set up Forward Zones and subdomains on the Univention Corporate Server (UCS) with Samba 4.


  • UCS DC Master
  • Samba 4 as DNS-Backend

To determine whether Samba 4 is the DNS-Backend run:

ucr get dns/backend

The output should be "samba4"

Forward Zones

This is useful when only a specific domain name (e.g. domain.tld) needs to be forwarded to other DNS server (e.g. To set up Forward Zones add it in the configuration in /etc/bind/local.conf.samba4

zone "domain.tld" {
  type forward;
  forwarders {; };


Another case is when a subdomain (e.g. sub.domain.tld) is managed by another server (e.g. For "forwarding" to subdomains the normal zones statement can be used:

zone "sub.domain.tld" {
      type slave;
      masters {; };
      forwarders {};

The empty list: forwarders {} means (global) forwarders are disable for the slave subdomain.


For debugging purpose set a higher debug level with:

ucr set dns/debug/level=<LEVEL>

Where <LEVEL> could be some value between 0 and 11. If needed, increase the debug level of the Samba4 module as well:

ucr set dns/dlz/debug/level=<LEVEL>

Restart bind with:

service bind9 restart

The default log is the syslog.

Further Reading

