Hello,
This may sound like a noobish question, but how can I make DNSSEC play nicely when the
external domain have DNSSEC enabled and this makes internal zones failing when creating an
AD trust, since we are using subdomains for our LAN?
Our case:
example.com (External DNS name with DNSSEC enabled)
win.example.com (Active Directory Zone)
nix.example.com (FreeIPA Zone)
Even with the correct conditional forwarders set up in Windows DNS and FreeIPA DNS, DNSSEC
kicks in and fail resolutions.
I _MUST_ disable DNSSEC? There’s another way?
Thanks,