Maintained by: NLnet Labs

Unbound and MS Active Directory.

Fred Krom
Tue May 9 13:03:44 CEST 2017

Hello Group,

I'm new to the group and would like to thank you for letting me in.

In the organisation we use two Unbound DNS servers to do DNS to the
internet and the internal zones we are using. We are also using BIND
caching servers (on Linux and in FW systems).
All the clients are pointing to the local caching servers and / or the
two Unbound servers.
Unbound can use stub-zone or forward for the other domains; I also used
stub-zone for the MS AD zone.

The problem is that the MS AD is not working correctly; group policies are
not performed on clients.
We can fix that by pointing all the (MS) client systems to the MS AD DNS 

Is it a network problem, and can it be fixed on the network site? Or is
it an MS AD problem, and does the clients' DNS need to point to the AD DNS servers?

Sorry if this question has been asked before (many times :-)).

Best regards, Fred.