SAMBA AD DC visible from external DNS

I have configured fully functional SAMBA AD DC server. During AD provisioning process i set up SAMBA_INTERNAL as DNS back end. I couldn't use "NONE DNS", it is not supported.

I want to use external(from SAMBA) DNS in my local network which is also visible to outside of a local network (world).

In my external DNS i set all needed SRV and A records for the SAMBA AD DC and they are also visible to outside from the local network. Also I have opened all needed ports to outside.

When i try to add windows computer to local domain it is only possible with defined DNS (SAMBA AD DC i.e. IP 10.0.0.9) but what if i do not want to specify DNS in windows to add computer to domain ? I mean i want to add computers also from outside of the local network with automatic defined DNS (i.e. 8.8.8.8).

How to configure this example ?

PS: ERROR: DNS name does not exist.(Error Code 0x0000232B RCODE_NAME_ERROR)

You don't want to do that and can't - at least not simply.

Why you don't want to - usually DCs are security critical and not accessible from public internet. I presume this is a playground so it might not be so bad.

Why you can't.

• You use RFC1918 IPs for your DCs that are not routable over internet. To be able to domain join, you need public IPs or NAT. NAT is hard as you need to duplicate your DNS records to a separate public zone (split-brain DNS). Also Microsoft RPC does not work well with NAT (or at all) if my memory serves me right.
• You must have enough control over your SAMBA AD's DNS zone so it would appear in public DNS. If your Samba DNS zone is myad.mycompany.com, you either create records in this public zone (split-brain) or delegate zone to your DC (with public IPs).

Either way, it's something that you usually just don't do.