Request for Experience: using Bind as primary in Active Directory environment

[Kevin Darcy]

We have just a _tad_ more than 1000 users :-), but so far AD is only in test
mode here. So far, we haven't noticed any significant problems with the
AD/BIND integration. We're using *weak* (IP-address-based) authentication of
course. Seems to me your management should be more concerned with the hard
decision of whether strong authentication is a requirement (since Win2K and
BIND don't agree on how to implement strongly-authenticated Dynamic Updates),
rather than whether BIND scales. Obviously BIND scales, and the Dynamic Updates
coming from Win2K aren't any different, from BIND's perspective, than Dynamic
Updates coming from any other application program or piece of infrastructure. As
for whether Microsoft's DNS implementation scales as well as BIND, well I have
no idea...


- Kevin

kirbini at my-deja.com wrote:

> Hi all.
>
> I am trying to convince the department not to ditch our Bind DNS systems in
> favor of MS DNS with Active Directory.  I've got 90% of the technical detail,
> I'm 100% convinced that it can be done (all Bind, no Win2K DNS), but they
> want examples.
>
> Management is asking for references of sites using Bind as their primary DNS
> in an Active Directory environment.  With or without DNS services running on
> AD boxes, although without it preferred.  They are also asking that these
> "reference sites" have greater than 1000 users.
>
> Is anyone on this list willing to share with us their experience of
> integrating AD into a BIND environment? I may even be able to wrangle some
> free Blue Bunny ice cream as an incentive.
>
> Thanks much,
> Jim Kirby
> Senior Network Engineer/Architect
> Wells' Dairy, Inc.
> http://bluebunny.com
>
> Sent via Deja.com
> http://www.deja.com/