The router needs to have this line in the “Additional DNSMasq Options” box: Where the ad.mnnguyen.com is the DNS suffix for AD that you want to use and the IP is for the AD DNS server. You also need to turn off “No DNS Rebind”. Setting up a DNS Forwarder. The internal DNS server is only able to resolve the Active Directory (AD) DNS zones. To enable recursive queries of other zones, set the dns forwarder parameter in the smb.conf file to one or more IP addresses of DNS servers that support recursive resolving.