• 0 Posts
  • 36 Comments
Joined 1 year ago
cake
Cake day: July 1st, 2023

help-circle











  • Not the original commenter, but I don’t understand how that would increase your attack surface. The AD is inside the network, and if an attacker is already in, you’re compromised. There might be way to refrence a DNS server with a windows server, but then you’re running windows and your life is now much more difficult.

    As per DNS, the AD server must be the DNS provider. If you run something like nethserver in a VM you can use it as a dns & ad server.

    The domain thing, the AD server is the authorative for its domain. So if you set it as top level, like myhouse.c()m, it will refrence all dns requests to itself, and any subdomains will not appear. The reccomended way to get around this is to use a subdomain, like ad.myhouse.c()m. Or, maybe you have a domain name to burn and you just want to use that?