Hello Ahmad,
That was my initial attempt. The issue I ran into was that the dnsmasq
settings on the Virtual Router seem to block the traffic that was required for
the machine to join the domain. I played around with the settings a little bit
and was able to get it to find the domain, so I would imagine that I could
tweak it some more to not be an issue. However, any changes I make on the
virtual router only last until it is restarted, so without a way to make those
permanent I have to circumvent it entirely. The blog post that Murali linked
for how to set up a network without DHCP and DNS seems like it was probably the
correct way to do it, but as far as I can tell would require me to start my
zone from scratch, so I am trying to avoid that if possible.
Thanks, David Ortiz
> CC: users@cloudstack.apache.org
> From: aemne...@gmail.com
> Subject: Re: Using different DNS for guests than Virtual Router
> Date: Tue, 23 Apr 2013 08:49:06 -0700
> To: users@cloudstack.apache.org
>
> Coming from someone that has no clue about active directory... If your using
> a basic zone, why don't you have the AD server deployed outside of cloudstack
> s control. Then point have your dns entries point to it. Have the default
> security group for guests open to the ports AD works on.
>
> Ahmad
>
> On Apr 22, 2013, at 1:42 PM, David Ortiz <dpor...@outlook.com> wrote:
>
> > Hello,
> > I am trying to setup a Windows AD server as a guest on my cloudstack
> > cluster, and join my other guests to the domain it is serving using
> > PowerBroker Identity Services Open. From what I am seeing, the virtual
> > router will block me from being able to perform nslookup or join the domain
> > using the domainjoin-cli command. If I modify /etc/resolv.conf to point
> > directly at my DC as the dns server, it can join the domain without any
> > issues. Unfortunately when I reboot, the dhcp setup with the virtual
> > router will point it back to the virtual router as the name server. I also
> > found that I could get nslookup (but not joining the domain) to work by
> > playing with the dnsmasq.conf settings on the virtual router a little bit,
> > which works until it is rebooted at which point they revert back to what
> > they had been originally. Is there a way to get the virtual router to
> > point guests at the domain controller as the DNS, or to set up the dnsmasq
> > to allow the AD joins to occur (and make those settings persistent)? Or
> > alternatively, would I be able to set up DHCP on the DC and just circumvent
> > the virtual router entirely?
> > Thanks,
> > David Ortiz
