Policy DHCP - DNS

dns
dhcp

#1

Hi,
I have a master DC and a site DC (basically just for site authentication). Both have DHCP. I have created one policy for DHCP DNS and I would like to have 2 dns entries for DNS on the Site which should be the IP of the Site DC and the master DC as the secondary. But every time I save and DHCP is assigned at the site, I get the master DC as the primary and the site DC as the secondary.

Is there a way to force the site DC to be the primary and the master DC as the secondary?

Thanks,

Carlos


#2

What do you mean with “site DC” and “master DC”?


#3

Hey,

First, create a second “DHCP: DNS” policy for your site. In it assign two DNS servers; the site DC being the first and the master DC the second one.

Then assign that new policy to the DHCP network object for the site.

You can have as many policies as you want and connect them to pretty much any object. Univention LDAP Policies work similar to Windows Group Policies: the policy closest to the LDAP object the policy is evaluated for is the one that’s active. Meaning you can assign the default policies to the LDAP root and more specific ones that override the default policy on the LDAP object itself (the “DHCP network” object for the site in your case).

Kind regards
mosu


#4

How exactly is this done?

I created the second policy. They are looking like this:

First: image
Second: image

Summary: image

Then on the DHCP side, I have linked the policies to the subnet like so:

First (ok with 10.55.16.240 as first one): image
Second (the first one should be 10.55.24.240): image

Summary: image

Then on the windows machine on subnet 10.55.24.0/24 I get this:

image

And also in Xubuntu I get the same results:

image

So how I can swap those 2 DNS entries around? I mean they are just fine for the 10.55.16.0/24 subnet, but not for the 10.55.24.0/24 subnet.

Carlos


#6

Sorry for my earlier reply — I didn’t read your post properly.

Looking at your screenshots show that you entered the servers in the same order in both policies. So in order to fix this:

  1. Edit your second policy,
  2. Remove the entry for the .16. subnet & save,
  3. Edit the same policy again,
  4. Add the entry for the .16. subnet as the second one & save.

The additional step is required as simply swapping both entries doesn’t seem to work — probably because the UMC thinks that nothing has actually changed and therefore it doesn’t have to modify the entry.


#7

That solves it and does the trick!!! Thank you very much!!!