cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
 
Register for the monthly ISE Webinars to learn about ISE configuration and deployment.
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

445
Views
0
Helpful
2
Replies
Highlighted
Cisco Employee

Multiple AD without trust AND authoritative DNS server

Hi,

The ISE 2.3 admin guide and the following doc : "Active Directory Integration with Cisco ISE 2.x " both state that :

Cisco ISE supports multiple joins to Active Directory domains. Cisco ISE supports up to 50 Active Directory joins. Cisco ISE can connect with multiple Active Directory domains that do not have a two-way trust or have zero trust between them.

and at the same time :

recursive DNS server is not supported by Cisco ISE.

Since the authoritative DNS server for a domain is co-located with the domain controller, a single DNS server cannot be authoritative for all independent AD domains.

Can you give an explanation about the way to configure a central DNS server authoritative for several non-trusted AD domains ?

thanks,

Jean-Francois    

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Multiple AD without trust AND authoritative DNS server

I've re-opened the doc bug CSCvc74150 and asked for re-wording.

2 REPLIES 2
Cisco Employee

Re: Multiple AD without trust AND authoritative DNS server

I am reaching out to our team as it does not seem right to me. I think the main points are to ensure efficient DNS infrastructure and to properly secure it.

Cisco Employee

Re: Multiple AD without trust AND authoritative DNS server

I've re-opened the doc bug CSCvc74150 and asked for re-wording.