Cache-only DNS servers cannot answer DNS requests authoritatively themselves. They refer the request to an authoritative server, such as a Windows server, and then relay the answer. This means that for some cache-only DNS servers, for example dnscache, requests sent to the server must have the recursive flag set. Other cache-only DNS servers do not require the recursive flag. See your DNS server specifications.

Examples of cache-only DNS servers include:

  • dnsmasq
  • dnscache
  • tinyDNS
  • pdnsd
  • unbound
  • dnrd

The adclient.dns.cachingserver configuration parameter determines whether recursive DNS requests are sent. When set to true, recursive DNS requests are sent, as opposed to the standard non-recursive requests. The default is false.

To use a cache-only DNS server, set the adclient.dns.cachingserver parameter to true in the centrifydc.conf file. There might be some loss of DNS functionality in adclient when this parameter is set to true.

Parameter syntax:

adclient.dns.cachingserver: false

The default setting is false.

When set to true, recursive DNS requests are allowed.

Optionally, the script also provides an option for handling cache-only DNS servers with adcheck: [--dns_cache]

This invokes adcheck with option -r and allows DNS recursion with cache-only DNS servers.
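
What the recursive flag looks like on the wire, as an added example that is not part of the original page or the product's code: it builds the same DNS query with and without the recursion-desired (RD) header bit defined in RFC 1035 and decodes the flag bits. The query name and transaction ID are constructed sample values, and reading the "recursive flag" above as the RD bit is an assumption.

```python
import struct

RD_BIT = 0x0100  # "recursion desired", set by the client (RFC 1035, section 4.1.1)
RA_BIT = 0x0080  # "recursion available", set by the server in its response
QR_BIT = 0x8000  # 0 = query, 1 = response


def build_query(name, qtype=33, recursive=False, txid=0x1234):
    """Build a DNS query packet. qtype 33 is SRV; recursive=True sets RD."""
    flags = RD_BIT if recursive else 0
    # Header: id, flags, QDCOUNT=1, ANCOUNT=0, NSCOUNT=0, ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    # QNAME: each label prefixed by its length, terminated by a zero byte
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS 1 = IN


def header_flags(packet):
    """Decode the header bits that matter for the cachingserver setting."""
    if len(packet) < 12:
        raise ValueError("DNS header is 12 bytes; packet too short")
    _, flags = struct.unpack("!HH", packet[:4])
    return {
        "is_response": bool(flags & QR_BIT),
        "recursion_desired": bool(flags & RD_BIT),
        "recursion_available": bool(flags & RA_BIT),
        "rcode": flags & 0x000F,
    }


# Constructed sample name; substitute a name from your own domain.
SAMPLE_NAME = "_ldap._tcp.example.com"

if __name__ == "__main__":
    for recursive in (False, True):
        packet = build_query(SAMPLE_NAME, recursive=recursive)
        print("recursive=%s flags=0x%s %s"
              % (recursive, packet[2:4].hex(), header_flags(packet)))
```

When troubleshooting, the same decoding applied to a captured response shows whether the server reports recursion available.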