Can't resolve the DNS queries made by Azure VM to on-premises resources

tayfun tek 66 Reputation points
2023-06-13T00:00:01.4133333+00:00

Hi everyone,

We have a managed domain in Azure AD Domain Services, which is managed by a local DNS server as well.

Since both Azure and local DNS use the same domain (i.e. contoso.com), we can't resolve queries made by an Azure VM to on-prem resources, because when I start a query for something in contoso.com, it only tries to talk with Azure DNS servers. Since the domain is not different, it doesn't look up external DNS servers.

I prepared a visual sample of the problem. What is the best practice for achieving this DNS resolution?

Thanks


2 answers

  1. Carlos Solís Salazar 18,291 Reputation points MVP Volunteer Moderator
    2023-06-13T13:30:55.92+00:00

    Thank you for asking this question on the Microsoft Q&A Platform.

    Assuming that you can ping the on-premises DNS server, you should add a third DNS server (192.18.1.5) on your Azure VNET.

    Hope this helps!


    Accept Answer and Upvote if any of the above helped; this thread can help others in the community looking for remediation for similar issues.

    NOTE: To answer you as quickly as possible, please mention me in your reply.


  2. TP 145.8K Reputation points Volunteer Moderator
    2023-06-14T01:00:51.1366667+00:00

    Hi,

    One potential option would be to create the necessary DNS entries for on-premises hosts in Azure AD Domain Services. Another option, depending on your needs, is to run DCs in Azure for your on-premises Active Directory instead of using Azure AD DS.

    Please reference the article below for creating DNS entries in AAD DS:

    Administer DNS and create conditional forwarders in an Azure Active Directory Domain Services managed domain

    https://learn.microsoft.com/en-us/azure/active-directory-domain-services/manage-dns

    Please click Accept Answer if the above was useful.

    Thanks.

    -TP
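
One way to script the first option in the answer above (creating records for on-premises hosts in the managed domain's zone). This is an added example, not part of the thread or of the linked article. It assumes a domain-joined management VM with the DNS Server RSAT tools, an account allowed to administer DNS in the managed domain, and that the DnsServer cmdlets can reach the managed domain's DNS service; the host names, addresses and `<managed-domain-dns-ip>` are constructed placeholders.

```powershell
#Requires -Modules DnsServer
# Added example: seed A records for on-premises hosts into the managed domain's
# copy of the shared zone, then confirm the managed DNS server answers for them.

$ZoneName   = 'contoso.com'               # shared zone name from the question
$ManagedDns = '<managed-domain-dns-ip>'   # placeholder: a DNS server of the managed domain
$OnPremHosts = @(                         # constructed sample hosts, not from the thread
    @{ Name = 'fileserver01'; IPv4 = '10.10.0.20' }
    @{ Name = 'intranet';     IPv4 = '10.10.0.30' }
)

foreach ($h in $OnPremHosts) {
    # Look for an existing A record so the script is safe to re-run.
    $existing = Get-DnsServerResourceRecord -ComputerName $ManagedDns -ZoneName $ZoneName `
        -Name $h.Name -RRType A -ErrorAction SilentlyContinue

    if ($existing) {
        $current = @($existing.RecordData.IPv4Address | ForEach-Object { $_.ToString() })
        if ($current -contains $h.IPv4) {
            Write-Host "$($h.Name): already present ($($h.IPv4))"
        } else {
            # Never overwrite silently: a name owned by the managed domain may collide
            # with an on-premises name because both sides use the same zone.
            Write-Warning "$($h.Name): exists as $($current -join ', '); left unchanged"
        }
        continue
    }

    Add-DnsServerResourceRecordA -ComputerName $ManagedDns -ZoneName $ZoneName `
        -Name $h.Name -IPv4Address $h.IPv4 -TimeToLive (New-TimeSpan -Hours 1)
    Write-Host "$($h.Name): created -> $($h.IPv4)"
}

# Verify against the managed DNS server directly, bypassing the local cache.
foreach ($h in $OnPremHosts) {
    $fqdn = "$($h.Name).$ZoneName"
    $answer = Resolve-DnsName -Name $fqdn -Type A -Server $ManagedDns -DnsOnly `
        -ErrorAction SilentlyContinue | Where-Object { $_.Type -eq 'A' }

    if ($answer.IPAddress -contains $h.IPv4) {
        Write-Host "OK   $fqdn -> $($h.IPv4)"
    } else {
        Write-Warning "FAIL $fqdn did not resolve to $($h.IPv4) on $ManagedDns"
    }
}
```

Records created this way are static copies, so they have to be updated whenever the on-premises address changes.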

