We have a network with multiple VLANs or sub-nets and each sub-net has its own domain name and the DNS is controlled by an internal Linux BIND server.
E.g.
develop.example.com
support.example.com
office.example.com
staging.example.com
This works fine for all of the Linux hosts, but we are now adding a few Windows PCs and servers into the mix...
And the Windows PCs should be part of a Windows AD domain. There should be one AD with multiple OUs, which represent the sub-domains above.
But from my research, that isn't possible. We would have to create domain controllers for each sub-network. As we only have half a dozen Windows PCs, spread over 5 sub-domains / sub-networks, that would mean 10 DCs (2 for each sub-domain) to control 6 PCs!
Is it possible to have a Windows AD named win-ad.example.com, which controls all Windows PCs, using the relevant OUs and have the Windows PCs accessible under their "organizational" sub-domain and the Windows domain?
E.g. 192.168.0.10 = PC1.develop.example.com = PC1.win-ad.example.com
192.168.1.15 = PC2.support.example.com = PC2.win-ad.example.com
So the Windows AD thinks the PC is in the win-ad sub-domain and the Linux boxes and users can still access it under its "canonical" name?
The Windows DC would be its own DNS server for its AD domain and would use the BIND server for upstream DNS resolution. Would we have to put the alias in BIND as well as in the Windows domain? Would Windows also need both aliases? I assume not, as it would only need them for reverse lookups (IP address to domain name): if it received PC1.develop.example. it should, if my theory is correct, punt that up the line to BIND, and if it is looking for PC1.win-ad.example.com, it resolves it itself. The Linux side doesn't, theoretically, need to know about the win-ad... names at all.
Would this even work?
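As an added illustration of the BIND side of the layout described in the question (this is example configuration, not something from the question or from any answer to it), the fragments below show BIND keeping authority for the organisational sub-domains and the reverse zones, delegating win-ad.example.com to the DC, and publishing the "canonical" names as CNAME aliases. The BIND server name ns1.example.com (192.168.0.2), the DC name dc1.win-ad.example.com (192.168.0.5) and the file paths are assumed values chosen for the example.

```bind
// Added example, not from the original question. Assumed values: BIND runs
// on ns1.example.com (192.168.0.2); the only DC is dc1.win-ad.example.com
// (192.168.0.5). All addresses, host names and paths are constructed.

// ---- named.conf (BIND side) ------------------------------------------
// BIND stays authoritative for the parent zone, the organisational
// sub-domains and the reverse zones. Dynamic updates are refused so that
// AD clients and the DC cannot register records into these zones.
zone "example.com" IN {
    type master;
    file "/etc/bind/db.example.com";
    allow-update { none; };
};
zone "develop.example.com" IN {
    type master;
    file "/etc/bind/db.develop.example.com";
    allow-update { none; };
};
zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/bind/db.192.168.0";
    allow-update { none; };
};
// No zone stanza for win-ad.example.com: it is delegated to the DC via the
// NS and glue records in the parent zone below, so the DC answers for it.

; ---- db.example.com (parent zone, delegation records only) -----------
$ORIGIN example.com.
; Delegate the AD domain to the DC. The glue A record is required because
; the name server sits inside the zone being delegated.
win-ad          IN NS   dc1.win-ad.example.com.
dc1.win-ad      IN A    192.168.0.5

; ---- db.develop.example.com -------------------------------------------
$ORIGIN develop.example.com.
$TTL 3600
@       IN SOA  ns1.example.com. hostmaster.example.com. (
                2024010101 ; serial
                3600       ; refresh
                1800       ; retry
                604800     ; expire
                3600 )     ; negative-cache TTL
        IN NS   ns1.example.com.
; The organisational name is an alias of the AD name. BIND answers the
; CNAME; the A record behind it comes from the DC through the delegation.
pc1     IN CNAME pc1.win-ad.example.com.

; ---- db.192.168.0 (reverse zone, owned by BIND) -----------------------
$ORIGIN 0.168.192.in-addr.arpa.
$TTL 3600
@       IN SOA  ns1.example.com. hostmaster.example.com. (
                2024010101 3600 1800 604800 3600 )
        IN NS   ns1.example.com.
; One PTR per address. Pointing it at the organisational name keeps
; reverse lookups from the Linux hosts consistent with the CNAME above.
10      IN PTR  pc1.develop.example.com.
```

On the Windows side the matching piece is a forwarder on the DC's DNS role pointing at 192.168.0.2 (for example `Add-DnsServerForwarder -IPAddress 192.168.0.2` in PowerShell), so that anything outside win-ad.example.com is resolved by BIND. Two caveats a practitioner should check before relying on the alias scheme: `allow-update { none; }` means the DC will fail to register PTR records for its clients in the BIND reverse zones, which is the intended outcome here but will show up as DNS update errors on the clients; and Kerberos tickets are requested for the name the client actually used, so a service reached as pc1.develop.example.com needs that name registered as an SPN on the computer account (e.g. `setspn -S host/pc1.develop.example.com pc1`), otherwise authentication through the alias falls back or fails.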