Background
Some customers prefer to run a Linux BIND server for DNS rather than Microsoft DNS, while still using Active Directory for LDAP and SMB. Domain members and other AD clients locate domain controllers through DNS SRV records, so on a BIND server those records have to be created by hand in the zone files. This article lists the required entries, using dc1 (10.1.1.10) and dc2 (10.1.1.11) as the two domain controllers and <domain> as the AD DNS domain name.
Zone File Entries
1. A Records (Host records)
Each domain controller needs to have an A record like so:
dc1 IN A 10.1.1.10
dc2 IN A 10.1.1.11
2. SRV Records
The _ldap._tcp and _kerberos._tcp records below belong in the <domain> zone; the Global Catalog and PDC emulator records in sections 3 and 4 belong under _msdcs.<domain>, which can be a separate zone or a subdomain of <domain>. Use either the LDAP set or the LDAPS set for a given domain, not both. The SRV data fields are priority, weight, port and target; every owner and target name below is fully qualified and ends with a dot so that BIND does not append $ORIGIN to it. Kerberos uses port 88 in both cases; only clients that honor the port field of the SRV record will connect to 636 or 3269, so confirm the client software does so before choosing the LDAPS set.
If using LDAP:
_ldap._tcp.<domain>. 3600 IN SRV 0 100 389 dc1.<domain>.
_kerberos._tcp.<domain>. 3600 IN SRV 0 100 88 dc1.<domain>.
_ldap._tcp.<domain>. 3600 IN SRV 0 100 389 dc2.<domain>.
_kerberos._tcp.<domain>. 3600 IN SRV 0 100 88 dc2.<domain>.
If using LDAPS:
_ldap._tcp.<domain>. 3600 IN SRV 0 100 636 dc1.<domain>.
_kerberos._tcp.<domain>. 3600 IN SRV 0 100 88 dc1.<domain>.
_ldap._tcp.<domain>. 3600 IN SRV 0 100 636 dc2.<domain>.
_kerberos._tcp.<domain>. 3600 IN SRV 0 100 88 dc2.<domain>.
3. Global Catalog
If using LDAP:
_ldap._tcp.gc._msdcs.<domain>. 3600 IN SRV 0 100 3268 dc1.<domain>.
_ldap._tcp.gc._msdcs.<domain>. 3600 IN SRV 0 100 3268 dc2.<domain>.
If using LDAPS:
_ldap._tcp.gc._msdcs.<domain>. 3600 IN SRV 0 100 3269 dc1.<domain>.
_ldap._tcp.gc._msdcs.<domain>. 3600 IN SRV 0 100 3269 dc2.<domain>.
4. PDC Emulator (Primary Domain Controller)
Only one domain controller per domain holds the PDC emulator role, so this record has a single target rather than one entry per DC. dc1 is assumed to hold the role here; if dc2 holds it, point the record at dc2 instead. Note the trailing dot on the target: without it BIND appends $ORIGIN and the target becomes dc1.<domain>.<domain>.
If using LDAP:
_ldap._tcp.pdc._msdcs.<domain>. 3600 IN SRV 0 100 389 dc1.<domain>.
If using LDAPS:
_ldap._tcp.pdc._msdcs.<domain>. 3600 IN SRV 0 100 636 dc1.<domain>.
5. Reverse DNS (PTR)
These belong in the reverse zone for the subnet (here 1.1.10.in-addr.arpa). The owner name is the IPv4 octets in reverse order followed by in-addr.arpa; for 10.1.1.10 the reversed form happens to read the same as the address itself.
10.1.1.10.in-addr.arpa. IN PTR dc1.<domain>.
11.1.1.10.in-addr.arpa. IN PTR dc2.<domain>.
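The following script is an added example, not part of the original article: it generates all five sections above for a list of domain controllers and applies the rules that are easy to get wrong by hand (trailing dots on every absolute name, octet reversal for PTR owner names, a single PDC emulator record, and the LDAP/LDAPS port choice applied consistently). The domain example.com, the addresses 10.1.1.10 and 10.1.1.11 and the choice of dc1 as PDC emulator are constructed sample data for the example.

```python
import ipaddress

# Constructed sample data (an assumption for this example, not from the
# article): two domain controllers; dc1 holds the PDC emulator FSMO role.
DOMAIN = "example.com"
DCS = {"dc1": "10.1.1.10", "dc2": "10.1.1.11"}
PDC = "dc1"
TTL = 3600


def fqdn(host, domain):
    """Absolute name with trailing dot. Without the dot BIND appends $ORIGIN,
    turning dc1.example.com into dc1.example.com.example.com."""
    return f"{host}.{domain}."


def srv(owner, port, target, ttl=TTL):
    """SRV RDATA is: priority weight port target (0 100 as in the article)."""
    return f"{owner} {ttl} IN SRV 0 100 {port} {target}"


def a_records(dcs):
    """Relative host records for the <domain> zone."""
    return [f"{host} IN A {ip}" for host, ip in dcs.items()]


def domain_srv_records(domain, dcs, ldaps=False):
    """_ldap and _kerberos records for every DC in the <domain> zone.
    Only the LDAP port changes with LDAPS; Kerberos stays on 88."""
    ldap_port = 636 if ldaps else 389
    out = []
    for host in dcs:
        out.append(srv(f"_ldap._tcp.{domain}.", ldap_port, fqdn(host, domain)))
        out.append(srv(f"_kerberos._tcp.{domain}.", 88, fqdn(host, domain)))
    return out


def gc_srv_records(domain, dcs, ldaps=False):
    """Global Catalog records under _msdcs.<domain>, one per DC."""
    port = 3269 if ldaps else 3268
    return [srv(f"_ldap._tcp.gc._msdcs.{domain}.", port, fqdn(h, domain)) for h in dcs]


def pdc_srv_record(domain, dcs, pdc, ldaps=False):
    """Exactly one PDC emulator per domain, so exactly one record."""
    if pdc not in dcs:
        raise ValueError(f"{pdc} is not a listed domain controller")
    port = 636 if ldaps else 389
    return [srv(f"_ldap._tcp.pdc._msdcs.{domain}.", port, fqdn(pdc, domain))]


def ptr_records(domain, dcs):
    """Reverse records; ipaddress.reverse_pointer does the octet reversal."""
    out = []
    for host, ip in dcs.items():
        rev = ipaddress.ip_address(ip).reverse_pointer  # e.g. 10.1.1.10.in-addr.arpa
        out.append(f"{rev}. IN PTR {fqdn(host, domain)}")
    return out


def relative_targets(records):
    """Lint: return SRV/PTR lines whose target lacks a trailing dot, i.e. the
    lines BIND would silently rewrite relative to $ORIGIN. Comments are skipped."""
    bad = []
    for line in records:
        if line.startswith(";"):
            continue
        fields = line.split()
        if ("SRV" in fields or "PTR" in fields) and not fields[-1].endswith("."):
            bad.append(line)
    return bad


def render(domain, dcs, pdc, ldaps=False):
    """All entries in article order, with a zone-file comment per section."""
    lines = [f"; 1. A records (forward zone {domain})"] + a_records(dcs)
    lines += ["; 2. SRV records"] + domain_srv_records(domain, dcs, ldaps)
    lines += ["; 3. Global Catalog"] + gc_srv_records(domain, dcs, ldaps)
    lines += ["; 4. PDC emulator"] + pdc_srv_record(domain, dcs, pdc, ldaps)
    lines += ["; 5. Reverse DNS (reverse zone)"] + ptr_records(domain, dcs)
    return "\n".join(lines)


if __name__ == "__main__":
    zone = render(DOMAIN, DCS, PDC, ldaps=True)
    assert not relative_targets(zone.splitlines())
    print(zone)
```

The forward and reverse entries are printed together for review; paste each section into the appropriate zone file. After reloading BIND, `named-checkzone <domain> <zonefile>` validates the syntax, and `dig @<bind-server> SRV _ldap._tcp.<domain>` and `dig @<bind-server> -x 10.1.1.10` confirm that the SRV targets and PTR answers come back as the fully qualified names intended, rather than as names with $ORIGIN appended.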